#47970 Account lockout attributes incorrectly updated after failed SASL Bind
Closed: Fixed None Opened 4 years ago by mreynolds.

When a SASL bind fails, the target DN is not set. If password policy account lockout is configured, it attempts to update the password retry count on the dn ("") - which is the Root DSE entry, not a user entry.

This also confuses the COS plugin, and it incorrectly triggers a COS cache rebuild after the failed login.

Thanks Noriko!

d2dfda9..17e7968 master -> master
commit 17e7968
Author: Mark Reynolds mreynolds@redhat.com
Date: Tue Dec 2 14:10:46 2014 -0500

bc47239..36f0d05 389-ds-base-1.3.3 -> 389-ds-base-1.3.3
commit 36f0d05

5237b21..534f5d2 389-ds-base-1.3.2 -> 389-ds-base-1.3.2
commit 534f5d2

a2fc9d4..5b45bd7 389-ds-base-1.3.1 -> 389-ds-base-1.3.1
commit 5b45bd7dfcb44c3574faf470a8a49590d6c9f455

2444e0c..90ab84c 389-ds-base-1.2.11 -> 389-ds-base-1.2.11
commit 90ab84c

lib389 test

17e7968..f6929c9 master -> master
commit f6929c9

36f0d05..b6cd13f 389-ds-base-1.3.3 -> 389-ds-base-1.3.3
commit b6cd13f

534f5d2..80c34a5 389-ds-base-1.3.2 -> 389-ds-base-1.3.2
commit 80c34a5

5b45bd7..5c80428 389-ds-base-1.3.1 -> 389-ds-base-1.3.1
commit 5c804282eac5cefb0490c3ccbaf85387b10cf64b

Metadata Update from @mreynolds:
- Issue assigned to mreynolds
- Issue set to the milestone:

2 years ago

Login to comment on this ticket.