I have created the lastlogintime attribute and lastfailurelogintime
attribute (user defined attribute).
For each time I input the wrong password, I will also update the
lastfailurelogintime attribute, then, after 3 failure attempt (I set 3
times login failure attempt in password policy), the attribute
pwdAccountLockedTime will then be replicated.
Gavin Henry wrote:
Paul Lee wrote:
> Dear sir,
> I found that the account policy can't be replicated in openldap 2.4.8
> I setup 2 servers, with Mirror mode. Then, I added the password
> policy and some user accounts in server 1, I then startup server 2,
> the user accounts are replicated to server 2.
> mirrormode on
> serverID 1
> slapd.conf in server 2 :
> # Password policy
> overlay ppolicy
> ppolicy_default "cn=default,ou=Policies,o=HKSARG"
> overlay syncprov
> #access to * by dn="cn=Manager" write by * read
> access to * by * write
> access to * by * read
Are these your only ACLs?
What do your logs indicate?
Confidential Communication - This e-mail (including any attachments) is confidential and
legally privileged. If this e-mail has been sent to you by mistake please inform us by
e-mail and then delete the e-mail, destroy any printed copy and do not disclose or use the
information in it.