Joshua A. Haftel created DIRSERVER-2177:
-------------------------------------------
Summary: Admin account expiration
Key: DIRSERVER-2177
URL: https://issues.apache.org/jira/browse/DIRSERVER-2177
Project: Directory ApacheDS
Issue Type: Bug
Components: ldap
Affects Versions: 2.0.0-M21
Environment: Windows 10/Cygwin
Linux RHEL6
Reporter: Joshua A. Haftel
We have added a default password policy
({{ads-pwdId=default,ou=passwordPolicies,ads-interceptorId=authenticationInterceptor,ou=interceptors,ads-directoryServiceId=default,ou=config}})
which stipulates a expiration time of 180 days and a single grace login for a
password change after this expiration time.
This password policy works great, *except*, our {{uid=admin,ou=system}} account
picks up this policy and it's password had expired and entered a locked out
state.
It is our opinion that the {{uid=admin,ou=system}} should never ever get locked
out since there is no way to recover from this except to delete the system
directory.
In some cases deleting the system directory may be customized and deleting it
would be worse than a mere inconvenience.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
