On 1/16/20 3:51 AM, Sumit Bose wrote:
'ldap_ns_account_lock' is referring to the SSSD config option ldap_ns_account_lock (string) When using ldap_account_expire_policy=rhds or equivalent, this parameter determines if access is allowed or not.
Default: nsAccountLock
So please look for the nsAccountLock attribute on the IPA server.
HTH
bye, Sumit
Hi Sumit,
Thanks for the response. Right, Yes I did check for that. The nsAccountLock attribute will lock out a user but that would be a manual process, not a password policy.
CP