directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Emmanuel Lecharny (JIRA)" <>
Subject [jira] [Commented] (DIRSTUDIO-1182) unable to add or see some attribute for pwdpolicy schema.
Date Fri, 01 Jun 2018 11:51:00 GMT


Emmanuel Lecharny commented on DIRSTUDIO-1182:

That is exactly what I told you to do in my previous comment :-) Glad you got it working.

Regarding the {{pwdPolicySubentry}} attribute, it's an operational attribute, thus it's entirely
meaningful for the server, but not for the client. It's not associated with any {{ObjectClass}},
so if you try to add such an attribute to an entry, you will get a warning.
Normally, if it's a critical attribute, then it will also have the {{NO-USER-MODIFICATION}}
flag that forbid the user to change it or add it to an entry. For instance :

( NAME 'creatorsName'
        EQUALITY distinguishedNameMatch
        USAGE directoryOperation )

> unable to add or see some attribute for pwdpolicy schema.
> ---------------------------------------------------------
>                 Key: DIRSTUDIO-1182
>                 URL:
>             Project: Directory Studio
>          Issue Type: Question
>            Reporter: steve balon
>            Priority: Major
>         Attachments: image-2018-05-31-23-56-59-154.png, image-2018-06-01-11-08-02-182.png,
image-2018-06-01-12-55-42-535.png, image-2018-06-01-12-56-49-149.png
> We are deploying the PWDpolicy schema on our Open LDAP.
> I'm using Apache directory studio : 
> Version: 2.0.0.v20170904-M13
> The schema has been uploaded to the ldap tree : 
> Including component versions:
> - openldap 2.4.44
> - openssl 1.0.2k
>  * Berkeley DB 6.2.23
> When we try to add the pwdPolicySubentry in one User
> the attribute is well recognize by the tool because showed in the entry : 
> !image-2018-05-31-23-56-59-154.png!
> but the addition fail with a message : 
> "Warning, according to the schema, the attribute pwdPolicySubentry is not authorized
> Do you still want to add it."
> if I add it, it's added somehow, because if I try the error message say that the attribute
is already there or cannot have 2 values.
> but even if I refresh, the apache directory studio didn't show it.
> I have the exact same issue with the attribute : pwdChangedTime
> I can enter a date, but it's not showed on the tree.
> I really want to confirm how I can see that, because also, I have a cluster of LDAP and
want to be sure that those specific 2 entry are replicated. and I can't confirm if I didn't
see it.
> Do you have any idea or explanantion for me ?
> Thanks.
> Steve

This message was sent by Atlassian JIRA

View raw message