--On Thursday, August 19, 2021 1:17 PM -0500 kevin martin
<ktm...@gmail.com> wrote:
we HAD a password history setting with ppolicy to store 10 passwords in
history, and that worked fine. Now, our policy has changed and only the
last 4 passwords can't be used but when I try to change to a password
that I know was not in the last 4 password changes I'm told that the
password exists in my history. looking at an ldif dump my user has 10
pwdHistory entries but shouldn't the change in policy cause slapd to only
look at my last 4 most recent pwdHistory entries, because it's certainly
not doing so. do I have to dump the ldap into an ldif, remove
pwdHistory entries, and reload it to make the password history stuff work
correctly? version of slapd is 2.4.45.
This is <https://bugs.openldap.org/show_bug.cgi?id=8349>
Fixed in OpenLDAP 2.4.48. I strongly advise upgrading to current supported
release for many reasons.
--Quanah
--
Quanah Gibson-Mount
Product Architect
Symas Corporation
Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
<http://www.symas.com>