Re: pwdChangedTime not defined when creating new entry

Thursday, 5 March 2020

‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
On Thursday 5 March 2020 10:10, Dieter Klünter <dieter(a)dkluenter.de&gt; wrote:

...
 Am Wed, 04 Mar 2020 13:36:08 +0000
 schrieb Manuela Mandache manuela.mandache(a)protonmail.com:

 > Hello all,
 > We have a directory running on OpenLDAP 2.4.44 with the ppolicy
 > overlay on the main database. When a new entry with a userPassword
 > defined is created, pwdChangedTime is not defined, so this initial
 > userPassword never expires.
 > The directory has been migrated from its OpenLDAP 2.3.34 instance
 > (yes, we missed some steps...), and there the pwdChangedTime is set,
 > and naturally equal to createTimestamp.
 [...]
 The password attribute value must be set by a password modify exented
 operation in order to set password policy in effect, see man
 slapo-ppolicy(5)

 -Dieter

Thank you for the answer. It's the change of behavior between OpenLDAP 2.3.34 and
2.4.44 which surprised me.

Regards,

Manuela

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

Re: pwdChangedTime not defined when creating new entry