yeah, just found that in the CHANGE file for 2.4. thanks. and that's why I had asked the other question about the 2.4 vs 2.5 database format and servers. figured if I have to update anyway (and should, granted) I should do it to 2.5 but didn't necessarily want to take on a weekends worth of work if I could get away with doing it bit by bit over time.
--- Regards, Kevin Martin On Thu, Aug 19, 2021 at 12:33 PM Quanah Gibson-Mount <qua...@symas.com> wrote: > > > --On Thursday, August 19, 2021 1:17 PM -0500 kevin martin > <ktm...@gmail.com> wrote: > > > > > > > we HAD a password history setting with ppolicy to store 10 passwords in > > history, and that worked fine. Now, our policy has changed and only the > > last 4 passwords can't be used but when I try to change to a password > > that I know was not in the last 4 password changes I'm told that the > > password exists in my history. looking at an ldif dump my user has 10 > > pwdHistory entries but shouldn't the change in policy cause slapd to only > > look at my last 4 most recent pwdHistory entries, because it's certainly > > not doing so. do I have to dump the ldap into an ldif, remove > > pwdHistory entries, and reload it to make the password history stuff work > > correctly? version of slapd is 2.4.45. > > This is <https://bugs.openldap.org/show_bug.cgi?id=8349> > > Fixed in OpenLDAP 2.4.48. I strongly advise upgrading to current > supported > release for many reasons. > > --Quanah > > > > -- > > Quanah Gibson-Mount > Product Architect > Symas Corporation > Packaged, certified, and supported LDAP solutions powered by OpenLDAP: > <http://www.symas.com> >
