Hello,
Can someone explain the expected operation of the pwdFailureCountInterval attribute please? The documentation seems to be fairly clear, but if I add it to the password policy, along with some other attributes, the account remains locked, even after the pwdFailureCountInterval time. Despite authenticating with a valid password, the pwdFailureTime entries remain and the account remains locked.
These are the attributes in use: pwdLockout: TRUE pwdMaxFailure: 5 pwdFailureCountInterval: 1200
Thanks.
Tom
Le 27/02/2019 à 04:05, Tom Jay a écrit :
Hello,
Can someone explain the expected operation of the pwdFailureCountInterval attribute please? The documentation seems to be fairly clear, but if I add it to the password policy, along with some other attributes, the account remains locked, even after the pwdFailureCountInterval time. Despite authenticating with a valid password, the pwdFailureTime entries remain and the account remains locked.
These are the attributes in use: pwdLockout: TRUE pwdMaxFailure: 5 pwdFailureCountInterval: 1200
Hello Tom,
if you read the documentation, you will see that you need to configure pwdLockoutDuration to set the time during which the account is locked.
openldap-technical@openldap.org