directory-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Pontus Freyhult <pontus_apache...@soua.net>
Subject Replication and pwdReset
Date Wed, 28 May 2014 07:24:35 GMT
  Hi,

we've got 2.0.0-M16 with patches for DIRSERVER-1971 backported (to be
able to have access control and replication) set up on two servers
with circular replication (A->B, B->A).

We're also running with password policies, specifically we require
users to change their passwords after they've been reset by an
administrator, which seems governed by the attribute pwdReset on the
user's object.

After resetting the password, pwdReset: TRUE is set on the user object
and that seems to replicate correctly to the other server. When the
user changes the password, pwdReset is removed from the user object -
but that attribute removal doesn't replicate.

My first suspicion was that it was somehow related to pwdReset not
being part of any objectClass for the object (along the lines of "it
only needs to check for possible attributes that may have gone
missing"), but I tried making a new objectClass (with MAY pwdReset)
and apply it to my account without seeing any improvement.

I haven't noticed any interesting errors in the logs running with

log4j.logger.org.apache.directory.server.PROVIDER_LOG=DEBUG
log4j.logger.org.apache.directory.server.CONSUMER_LOG=DEBUG

is there any other part that may produce more interesting logs for
this or does anyone have other suggestions?

regards,
  /Pontus

Mime
View raw message