Description of problem:
If we set passwordMinAge to the some appropriate value other then '0', it should not allow a user to change the password within this value of seconds passed from the previous change.
Now it allows at all levels (cn=config or subtree/user password policy).
Version-Release number of selected component:
Steps to Reproduce:
1. Install Directory Server instance
2. Add a user to 'ou=people,dc=example,dc=com'
3. Set up password policy for the user and the subtree
4. Set passwordMinAge on the user pwdPolicy entry to '30'
5. Set passwordMinAge on the subtree pwdPolicy entry to '30'
6. Set passwordMinAge on the cn=config entry to '30'
7. Try to change userPassword binding as the user two times in a row
It allows to change the password
The user should not be allowed to change the password right after previous change
It is a regression, because TET CI test runs show no issue on the 389-ds-base-188.8.131.52 build
git patch file (master)
Note: a regression just in the master branch.
Noriko, I've tested your patch with my test case and it has passed. Ack from me too.
Please, review my patch too. :)
Simon, thank you soooo much for finding it out. It was an embarrassing bug... :(
Your test suite covers the pwdpolicy features perfect. Thanks!!
0001-Ticket-48967-passwordMinAge-attribute-doesn-t-limit-.patch was reviewed by William and Simon.
Thank you, both of you!
Pushed to master:
3a08be3..790e723 master -> master
Thank you too, Noriko!
Pushed to master:
790e723..6abd5f4 master -> master
Author: Simon Pichugin email@example.com
Date: Wed Aug 24 10:08:29 2016 +0200
I think I just forgot to close this ticket...
Metadata Update from @nhosoi:
- Issue assigned to nhosoi
- Issue set to the milestone: 184.108.40.206
to comment on this ticket.