directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Kiran Ayyagari <kayyag...@apache.org>
Subject [ApacheDS] preventing built-in admin account from getting locked permanently
Date Fri, 22 Mar 2013 13:25:40 GMT
Hi guys,

     We have an issue in the server where the admin (uid=admin,ou=system)
account can get locked
     permanently based on the ppolicy configuration to lock accounts [1].

     IMO we should allow all user and admin accounts to get locked
permanently (again, based on the ppolicy config)
     except the system's built-in admin account (uid=admin,ou=system). This
is just to prevent any abuse involving a
     regular admin account.

     Please suggest if you have any other opinions or suggestions based on
the operations perspective in a production environment.

[1] https://issues.apache.org/jira/browse/DIRSERVER-1812

-- 
Kiran Ayyagari
http://keydap.com

Mime
View raw message