Bug 53072 - No reset of ppolicy lockout on Replica or backup server
Summary: No reset of ppolicy lockout on Replica or backup server
Status: NEW
Alias: None
Product: UCS
Classification: Unclassified
Component: LDAP
Version: UCS 4.4
Hardware: Other Linux
: P5 normal
Target Milestone: ---
Assignee: UCS maintainers
QA Contact: UCS maintainers
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2021-04-13 19:39 CEST by Dirk Schnick
Modified: 2021-05-07 10:39 CEST (History)
1 user (show)

See Also:
What kind of report is it?: Bug Report
What type of bug is this?: 3: Simply Wrong: The implementation doesn't match the docu
Who will be affected by this bug?: 2: Will only affect a few installed domains
How will those affected feel about the bug?: 2: A Pain – users won’t like this once they notice it
User Pain: 0.069
Enterprise Customer affected?: Yes
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number: 2021030922000497
Bug group (optional):
Customer ID:
Max CVSS v3 score:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Dirk Schnick univentionstaff 2021-04-13 19:39:08 CEST 
If a ppolicy lockout is triggered on a replica or backup server (pwdFailureTime x times set and pwdAccountLockedTime set) this will not be reset by using the reset checkbox of UMC or set UDM attribute locked to false.

There is a workaround found by the customer: set a new password will reset these attributes also on the replica or backup server, but the checkbox should reset this also. In the actual status the checkbox is misleading.

No high pain as the reset by setting a new password is acceptable, but for a good user experiences we should give the checkbox the full power (or we should expand the checkbox in UMC and the documentation with more information about the necessity to set a new password.