
I want to use the "pwdAccountLockedTime" attribute to automatically lock an account using OpenLDAP (v2.5.14). The problem is that even with this field filled in, the account is never locked.

I first started by activating the "ppolicy" module using slapadd and a ppolicy-module.ldif file such as the one mentioned here: "https://stackoverflow.com/questions/49257247/how-to-activate-ppolicy-module-in-openldap". Then I checked that the module is loaded, and I did not have any problem:

$ sudo slapcat -n 0 | grep olcModuleLoad | grep ppolicy
olcModuleLoad: {0}ppolicy

Then I extended the LDAP schema to allow the use of ppolicy attributes such as "pwdAccountLockedTime". I set it to "00000101000000Z" in order to permanently lock an account (to check whether it was working). But I can still connect (using LDAP Admin tools) with the account that was supposed to be locked.

Any idea?

Thanks in advance.

  • I see *automatic* changes to `pwdAccountLockedTime` via audit log, but that also seems to use `LDAP_CONTROL_RELAX (1.3.6.1.4.1.4203.666.5.12)`. Maybe try that, too. – U. Windl Jul 12 '23 at 13:26

0 Answers