Here are my results.. Any thoughts as to why this is not working?

As for my ldap version, I'm using the version provided in CentOS 6. I would prefer to use these prepacked builds whenever possible. If there is an issue where this will not work on that version, then I'll go ahead and upgrade.

TESTS: RESULT:

pwdSafeModify: FALSE PASS: Message: LDAP password information update failed: Insufficient access. Must supply old password to be changed as well as new one

pwdAllowUserChange: FALSE PASS: Message: LDAP password information update failed: Insufficient access. User alteration of password is not allowed

pwdMaxAge: 300 FAIL: Login still allowed after 300 seconds.

pwdExpireWarning: 10 FAIL: No warning message

pwdInHistory: 3 FAIL: I can still flip between 2 passwords

pwdMinLength: 12 FAIL: I can still set a 6 char password

pwdMustChange: FAIL: I am not forced to change passwd.

pwdMaxFailure: 2 FAIL: Still allowed in after 6 failures

Other Info:

pwdLockout: TRUE

pwdLockoutDuration: 600

Thanks,

Dan

On Wed, Apr 10, 2013 at 10:41 AM, Quanah Gibson-Mount <quanah@zimbra.com> wrote:

--On Wednesday, April 10, 2013 9:30 AM -0400 D C <dc12078@gmail.com> wrote:

Server is openldap 2.4.23

Seriously? You're using a version of OpenLDAP that is nearly 3 years old? Why would you do that to yourself?

--Quanah

--

Quanah Gibson-Mount
Sr. Member of Technical Staff
Zimbra, Inc
A Division of VMware, Inc.
--------------------
Zimbra :: the leader in open source messaging and collaboration