Hi,

I've upgraded from older 389DS to 1.4.4.11 and realized that server started upgrading hashing algorithm of userPassword it is fine, but it also moves forward passwordExpirationTime.

I know I can set

dn: cn=config
nsslapd-enable-upgrade-hash: off

to disable this feature.

Is there way how to only disable passwordExpirationTime updating and keep password hash upgrading enabled?

Not at the moment, and I suspect this side effect was overlooked during the development this feature.  I'm not sure if it will be easy to avoid password policy updates when this plugin updates the userpassword, but we should definitely look into it.  I'll file a ticket to investigate it.

Regards,

Mark

_______________________________________________
389-users mailing list -- 389-users@lists.fedoraproject.org
To unsubscribe send an email to 389-users-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproject.org
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure

-- 

389 Directory Server Development Team