The counts and watermarks for OTP tokens should never go back. So there needs to be a plugin that would make sure that the value is checked before modification and that the lower value never overwrites the higher one.
This is a part of the OTP feature.
IMO, this is a duplicate of #4442.
Linked to Bugzilla bug: https://bugzilla.redhat.com/show_bug.cgi?id=919228 (Red Hat Enterprise Linux 7)
https://www.redhat.com/archives/freeipa-devel/2014-September/msg00326.html
master:
ipa-4-1:
Metadata Update from @dpal: - Issue assigned to npmccallum - Issue set to the milestone: FreeIPA 4.1
Log in to comment on this ticket.