[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
RE: Attribute questions
Hi Rich,
Add something like this to your slapd.conf:
access to attr=userpassword by * none
access to * by self write
One way to ensure those password characteristics is to put the constraints
into the client program -- modify and specialize ldappasswd for instance and
have your users use that.
I've found the passwords to be pretty flexible: for instance, I can cut the
entry from /etc/shadow and paste it into ldif -- prefixed by {crypt} and I
can authenticate with my login password. (That made me really happy since I
really didn't want my users to be forced to reenter their passwords as we
switch to LDAP-based authentication).
Good luck,
--rj
> -----Original Message-----
> From: owner-openldap-general@OpenLDAP.org
> [mailto:owner-openldap-general@OpenLDAP.org]On Behalf Of Richard Heller
> Sent: Sunday, February 21, 1999 10:39 AM
> To: openldap-general@OpenLDAP.org
> Subject: Attribute questions
>
>
> Hi,
>
> How do I set the access permissions on an attribute? For example, I want
> userpasswords to be critical data that can not be read by anybody. How do
> I set that? Also, is there a way to specify a max/min size of a string?
> For example, if I want the userpasswords to be at least 3 characters but
> no more than 10.
>
> Thanks,
> Rich
>
>
>
>