Ticket #48833 - 389 showing inconsistent values for shadowMax and shadowWarning in 1.3.5.1
Description: Current passwordMaxAge, passwordMinAge, and passwordWarning
internally have the integer type which is too small to hold the maximum
shadowMax value 99999 days (== 8,639,913,600 secs > INT_MAX 2,147,483,647).
To allow shadowMax and its friends in sync with the values in the password
policy, this patch changes the type of the pw_maxage, pw_minage, and pw_
warning from long to long long.
If password policy is enabled, and the value of passwordMaxAge is greater
than 8639913600:
passwordMaxAge: 8639913600
then the search returns shadowMax 99999.
$ ldapsearch [...] -b "uid=tuser,ou=People,dc=example,dc=com" shadowMax
dn: uid=tuser,ou=People,dc=example,dc=com
shadowMax: 99999
Note: This patch is setting the initial value of passwordMaxAge to 99999 days.
cfg->pw_policy.pw_maxage = 8639913600; /* 99999 days */
Requires: This change requires the Doc and the DS Console updates.
https://fedorahosted.org/389/ticket/48833
Reviewed by mreynolds@redhat.com (Thank you soooooo much, Mark!)