directory-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Kiran Ayyagari <kayyag...@apache.org>
Subject Re: Replication and pwdReset
Date Wed, 28 May 2014 09:43:48 GMT
On Wed, May 28, 2014 at 12:54 PM, Pontus Freyhult <pontus_apache_ds@soua.net
> wrote:

>   Hi,
>
> we've got 2.0.0-M16 with patches for DIRSERVER-1971 backported (to be
> able to have access control and replication) set up on two servers
> with circular replication (A->B, B->A).
>
> We're also running with password policies, specifically we require
> users to change their passwords after they've been reset by an
> administrator, which seems governed by the attribute pwdReset on the
> user's object.
>
> After resetting the password, pwdReset: TRUE is set on the user object
> and that seems to replicate correctly to the other server. When the
> user changes the password, pwdReset is removed from the user object -
> but that attribute removal doesn't replicate.
>
> My first suspicion was that it was somehow related to pwdReset not
> being part of any objectClass for the object (along the lines of "it
> only needs to check for possible attributes that may have gone
> missing"), but I tried making a new objectClass (with MAY pwdReset)
> and apply it to my account without seeing any improvement.
>
> I haven't noticed any interesting errors in the logs running with
>
> log4j.logger.org.apache.directory.server.PROVIDER_LOG=DEBUG
> log4j.logger.org.apache.directory.server.CONSUMER_LOG=DEBUG
>
> is there any other part that may produce more interesting logs for
> this or does anyone have other suggestions?
>
> this is clearly a bug, I am looking into it right now, meanwhile
can you file a bug report with your findings?

> regards,
>   /Pontus
>



-- 
Kiran Ayyagari
http://keydap.com

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message