I have 2 eDirectory servers synchronizing data. I also have the User App
running on box1, box 2 and box 1 is synchronizing. The universal
password policies on both is exactly the same.

Scenario: When a user changes his password via the User App, the
password is changed on box 1 and then the eDir driver syncs the two
trees. Problem is that the sync the driver does is seen the same as when
a Administrator resets a user's password, thus the password expiry time
on box 2 is set to the current time, which means the policy comes into
effect and the user gets x amount of grace logins before needing to
change password. This is an issue because it means the user has to
change his pw twice in a space of minutes to x amount of logins.

Upon checking the option in the policy that allows a Administrator to
set the password without expiring the password, the above does not
happen and the user changes password only once. The Password Expiry Time
is synced in the driver.

Any work around or ideas on how to Sync the password between the trees
without expiring the pw?

I found this TID but not sure how it will help solving my issue.
'10098559: How to synchronize only the 'Password Expiration Time' when
the password is changed by admin'


TommieFrancis's Profile: http://forums.novell.com/member.php?userid=31850
View this thread: http://forums.novell.com/showthread.php?t=387898