Sun Directory Server Enterprise Edition 7.0 Upgrade and Migration Guide

Issues With the Password Policy

If you are migrating a multi-master replicated topology, a situation will arise where a 7.0 master is replicating to a old server. In this situation, an object class violation will occur if changes are made to the password policy attributes on the 7.0 server, and replicated to the old server. The password policy attributes are managed internally by the server but they might be updated in the event of a bind, a user password modify, or the addition of an entry with the userpassword attribute.

To avoid the object class violation, the 7.0 password policy schema file (00ds6pwp.ldif) must be copied to every version 5.2 server that will be supplied by a 7.0 master. When the password policy schema file has been copied, restart the version 5.2 server.