--On Wednesday, December 1, 2021 12:22 PM -0500 Dave Macias davama@gmail.com wrote:
the functionality in core uses behera-ppolicy's pwdLastSuccess attribute instead.
Thank you for that. I see that attribute:
dn: cn=config pwdLastSuccess: 20211201143557Z
dn: cn=schema,cn=config
olcAttributeTypes: ( 1.3.6.1.4.1.42.2.27.8.1.29 NAME 'pwdLastSuccess' DESC 'The timestamp of the last successful authentication' EQUALITY generalizedTimeMatch ORDERING generalizedTimeOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 SINGLE-VALUE NO-USER-MODIFICATION USAGE directoryOperation )
Does that mean i will have to change each "authTimestamp" attribute to "pwdLastSuccess" on my data dit ? Of course once the ITS#9725 fix is applied.
No.
If you want to use "authTimestamp", you need the fix.
If you don't want to use "authTimestamp" and pwdLastSuccess is sufficient, you don't need the fix nor do you need to load the lastbind contrib module.
--Quanah
--
Quanah Gibson-Mount Product Architect Symas Corporation Packaged, certified, and supported LDAP solutions powered by OpenLDAP: http://www.symas.com