Hi!
We are running Red Hat Enterprise Linux release 8.3 with
389-ds-base-1.4.3.16-19.module+el8.4.0+11894+f5bb5c43.x86_64 installed. We have configured
password expiration, and passwordExpirationTime is getting updated properly when the end
user binds and changes the password, or when cn=directory manager changes the password. We
have an API that is invoked to allow the users to change their password when they have
forgotten it, so it cannot bind as the end user, but we also do not want it to have to
bind as cn=directory manager. However, we haven't had any luck getting any other user
to update passwordExpirationTime when updating the password. Looking at the code, it looks
like password admins should be allowed to update passwordExpirationTime, but we have those
configured and it's not working. Is there something we are missing?
Thanks!
Show replies by date