On 02/28/2017 04:25 AM, Predrag Zečević - Technical Support Analyst wrote:
On 02/28/17 08:25 AM, tuan88(a)gmail.com wrote:
> h
>>> passwordHistory is not set in your policy config, thus it is not
>>> beingen forced:
> yes it is, i had set it the last many years
> pls see the screendump in my first thread
>
> Policy settings from GUI:
>
www.chezmoi.dk/389-passwd-not-expire.png
>
> bt Tuan
> _______________________________________________
> 389-users mailing list -- 389-users(a)lists.fedoraproject.org
> To unsubscribe send an email to 389-users-leave(a)lists.fedoraproject.org
>
Hi all,
I can confirm that something is wrong, also in 389-ds-base-1.3.5.14
(e.g. also having same problem).
Make sure you are NOT using Directory manager to
change passwords.
Directory manager bypasses password policies.
Some users are not forced to change password although it has been
expired upon rules of our PP, and that is purely random situation...
Moreover, I have not found anything which might cause it.
What would be best way to debug that (considering that it does not
happen so often, so switching debug log to any of values from
https://access.redhat.com/documentation/en-US/Red_Hat_Directory_Server/8....
could be not so useful)?
With best regards.
Predrag Zečević