On Wed, May 28, 2014 at 12:54 PM, Pontus Freyhult <[email protected] > wrote:
> Hi, > > we've got 2.0.0-M16 with patches for DIRSERVER-1971 backported (to be > able to have access control and replication) set up on two servers > with circular replication (A->B, B->A). > > We're also running with password policies, specifically we require > users to change their passwords after they've been reset by an > administrator, which seems governed by the attribute pwdReset on the > user's object. > > After resetting the password, pwdReset: TRUE is set on the user object > and that seems to replicate correctly to the other server. When the > user changes the password, pwdReset is removed from the user object - > but that attribute removal doesn't replicate. > > My first suspicion was that it was somehow related to pwdReset not > being part of any objectClass for the object (along the lines of "it > only needs to check for possible attributes that may have gone > missing"), but I tried making a new objectClass (with MAY pwdReset) > and apply it to my account without seeing any improvement. > > I haven't noticed any interesting errors in the logs running with > > log4j.logger.org.apache.directory.server.PROVIDER_LOG=DEBUG > log4j.logger.org.apache.directory.server.CONSUMER_LOG=DEBUG > > is there any other part that may produce more interesting logs for > this or does anyone have other suggestions? > > this is clearly a bug, I am looking into it right now, meanwhile can you file a bug report with your findings? > regards, > /Pontus > -- Kiran Ayyagari http://keydap.com
