directory-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Heu, Tou-Soua" <>
Subject Re: [ApacheDS] - Account permanently locked
Date Wed, 20 Mar 2013 17:32:07 GMT
I have a similar problem but instead of the system/admin account it's for an ordinary LDAP

1) what is the process to unlock an account which has been locked due to excessive login failure?

Resetting the password doesn't clear the locked state.

Looking at other LDAP products, like the IBM Tivoli Directory Server, I'm guessing that one
would need to delete both "pwdFailureTime"  and "pwdAccountLockedTime" attributes but for
whatever reasons we can't delete the later, even with the system account (this situation occurred
on the 2.0 M6 build, not sure if this was fixed in recent versions like M11).

In reviewing the 2.0 documentation, I couldn't find answers to these other general usage:

2) what is the process for unlocking an account for other scenario, if applicable, like an
expired account?
3) how do you overwrite the password policy for a given account or container? In another word,
       3.a) flag it to not be bound by any password policy, or
       3.b) set it to use a different password policy than its parent


Addendum: is this related to issue logged under DIRSERVER-1813?

This email and any files transmitted with it are confidential, proprietary
and intended solely for the individual or entity to whom they are addressed.
If you have received this email in error please delete it immediately.

View raw message