I’ve noticed that when any of our users get locked out, the date that gets put into their accountunlocktime attribute is always in the past.  I have our 389-DS set to lock after 3 log in failures, and unlock after 30 minutes.  I’ve noticed that none of our users unlock without admin intervention.  We have to go into their account and delete the accountunlocktime and passwordretrycount attributes.

 

How can I straighten this out?

 

Thanks,

Harry Devine

DOT/FAA/AJM-245

Common ARTS Software Development

harry.devine@faa.gov

(609)485-4218