[Fedora-directory-users] passwordRetryCount Manipulations
Richard Megginson
rmeggins at redhat.com
Wed Jan 17 14:57:35 UTC 2007
Justin Crawford wrote:
> Howdy-
>
> I have noticed something unexpected.
>
> Setting "passwordRetryCount" programatically (e.g. with ldapmodify) to
> some value higher than our limit (say, 10) causes an account to be
> locked, right? Well, yes, but only after that account has been locked
> at least once the old-fashioned way, by trying to bind too many times
> with a bad password.
>
> Brand new accounts* that've never been locked the old-fashioned way do
> not mind a passwordRetryCount of 1000; these accounts can bind
> successfully, and their passwordRetryCount gets set to 0.
>
> Does this make sense? If so, what's the additional attribute involved
> in locking, and what are its potential values?
>
http://directory.fedora.redhat.com/wiki/Howto:PasswordReset
> Thanks!
>
> Justin
>
> *Created with minimal attributes using ruby's net/ldap library.
>
>
> --
> Fedora-directory-users mailing list
> Fedora-directory-users at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3245 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/fedora-directory-users/attachments/20070117/bdb0e1c4/attachment.bin>
More information about the Fedora-directory-users
mailing list