I am able to rectify this issue by creating the accout again.
This problem happens only to the accouts which exists before adding the
ppolicy directive.
And it is not happening to the account which I created later.
As a workaroud I deleted all the accounts and created it again.
I got this point after searching the archives.
Thanks a lot
Sandeep
Sandeep A.S wrote:
Hi
I am using openldap version 2-3-24.
I made the ppolicy overlay enabled
Whenever user logs in it ask to change the password .
After changing the password aslo next time login ,it aks to change the
password
with the error password aged.
The following is my standerd policy:
dn: cn=Standard Policy,ou=Policies,dc=nc,dc=com
objectClass: top
objectClass: device
objectClass: pwdPolicy
cn: Standard Policy
pwdAttribute: userPassword
pwdMaxFailure: 3
pwdInHistory: 3
pwdMinLength: 6
pwdExpireWarning: 259200
pwdAllowUserChange: TRUE
pwdFailureCountInterval: 300
pwdGraceAuthNLimit: 1
pwdLockoutDuration: 300
pwdMustChange: FALSE
pwdCheckQuality: 1
pwdMaxAge: 10368000
my slapd.conf is below:
<sniped>
database bdb
overlay ppolicy
ppolicy_default "cn=Standard Policy,ou=Policies,dc=nc,dc=com"
ppolicy_use_lockout
Any pointer to troubleshoot this issue ?
-Thanks
Sandeep