‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
On Thursday 5 March 2020 10:10, Dieter Klünter <dieter(a)dkluenter.de> wrote:
Am Wed, 04 Mar 2020 13:36:08 +0000
schrieb Manuela Mandache manuela.mandache(a)protonmail.com:
> Hello all,
> We have a directory running on OpenLDAP 2.4.44 with the ppolicy
> overlay on the main database. When a new entry with a userPassword
> defined is created, pwdChangedTime is not defined, so this initial
> userPassword never expires.
> The directory has been migrated from its OpenLDAP 2.3.34 instance
> (yes, we missed some steps...), and there the pwdChangedTime is set,
> and naturally equal to createTimestamp.
The password attribute value must be set by a password modify exented
operation in order to set password policy in effect, see man
Thank you for the answer. It's the change of behavior between OpenLDAP 2.3.34 and
2.4.44 which surprised me.