[midPoint] All users expiring after a few days in 3.6 docker

[Kromhout, Ethan A.]

Hello,

This question is specific to some recent builds I've been doing from the "valtri/docker-midpoint-mariadb" published docker image that has recently been updated to 3.6, and so may not be appropriate for this list, but I thought someone here might understand what setting or policy is causing what I'm seeing.

Twice now I have done builds off of this  image and everything has come up fine for me after some minor tweaks to the apache configuration, but after a few days, less than 5, all my users can no longer log in, and receive a  " User doesn't have defined password." error in the GUI. I don't see anything interesting in the idm.log, but looking in the database I see entries  like the below in m_audit_event.

| 132 | http://midpoint.evolveum.com/xml/ns/public/gui/channels-3#user | 1500902355806-0-2 |          0 |         6 | localhost      | administrator | 00000000-0000-0000-0000-000000000002 | password expired | DefaultNode    |       3 | administrator | 0:0:0:0:0:0:0:1   | NULL   | CFA0610ACB46DED269278A0012604BDE | NULL       | NULL      | NULL            | NULL           |       NULL | 1500902355806-0-1 | NULL    | 2017-07-24 13:19:15.000000 |

So "password expired" in the message seems like it could be my problem. After this happened the first time, I noted that a difference between this docker image and ones built on the 3.5.1 docker image was that there was no password policy linked in the system configuration. I added one after a rebuild and was hopeful, but 5 days later all my accounts are locked again.

I do not see this issue in another container that I built off of the 3.5.1 image, and manually upgraded to 3.6, so I don't think this has to do with 3.6, more likely some configuration I am missing.

Thanks,

Ethan


6C2F 9067 96D4 AB4A 9621  4FEB 3069 4100 EBFB 55D1