I exported some databases into LDIF files (db2ldif) and imported them in DS8.1 freshly installed.
Then, I went to the "o=" subtree and activated password policy like this "Users much change their passwords after 1 day".
I took a user in this subtree and changed the password.* Normally, I should see a new attribute "PasswordExpirationTime" but it seems not.
So, as a test, I created a new o= subtree like this:* o=TestPwd,dc=test,dc=net
Then, I created a new user inside it: ebobo
After, I activated a password policy, I saw that two entries were created in this subtree like this:
cn=nSPwPolicyContainer,o=TestPwd,dc=test,dc=net (two entries inside)
*"cn=nsPwPolicyEntry,o=TestPwd,dc=test,dc=net" (I can see this attr: passwordexp on)
I changed ebobo's password and I still doesn't see the new attribute "PasswordExpirationTime" in "Advanced properties" in the console.* If I check on "Show all Allowd Attributes", I can see this attribute but it isn't set.
I tried to set the PasswordExpirationTime myself in ebobo's account in this format: 200901011223Z but this account isn't de-activated because of the expiration time, I can still log-on on some sites with this account.
I took a look in access/error logs and there were not errors, only normal operations.* I can provide it if needed.
I'm wondering if there's any other step to successfully activate the max age password policy ?
Live connected. Get Hotmail & Messenger for mobile.
389 users mailing list