Details
-
Bug
-
Status: Resolved
-
Minor
-
Resolution: Fixed
-
2.0.0-M16
-
None
-
None
-
Linux, OpenJDK 1.7.0
Description
we've got 2.0.0-M16 with patches for DIRSERVER-1971 backported (to be
able to have access control and replication) set up on two servers
with circular replication (A->B, B->A).
We're also running with password policies, specifically we require
users to change their passwords after they've been reset by an
administrator, which seems governed by the attribute pwdReset on the
user's object.
After resetting the password, pwdReset: TRUE is set on the user object
and that seems to replicate correctly to the other server. When the
user changes the password, pwdReset is removed from the user object -
but that attribute removal doesn't replicate.
My first suspicion was that it was somehow related to pwdReset not
being part of any objectClass for the object (along the lines of "it
only needs to check for possible attributes that may have gone
missing"), but I tried making a new objectClass (with MAY pwdReset)
and apply it to my account without seeing any improvement.
I haven't noticed any interesting errors in the logs running with
log4j.logger.org.apache.directory.server.PROVIDER_LOG=DEBUG
log4j.logger.org.apache.directory.server.CONSUMER_LOG=DEBUG