[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: How to enforce strong passwords in Openldap?



Corey L. Johnson wrote:

On Wednesday 01 December 2004 3:17 pm, Pierangelo Masarati wrote:


Mike Partyka wrote:


I see, thanks for the info. Is there any other way to enforce password
policy within the ldap directory then?


As discussed earlier in this thread
http://www.openldap.org/lists/openldap-software/200412/msg00001.html ,
the ppolicy overlay is supposed to work even with 2.2.19.  At the moment
I don't see any other chance of implementing anything like that, except
writing your own.

SysNet - via Dossi,8 27100 Pavia Tel: +390382573859 Fax: +390382476497



I am fairly new to openldap, but I began constructing a local.schema with the info listed at:


http://www.openldap.org/software/man.cgi?query=slapo-ppolicy&apropos=0&sektion=0&manpath=OpenLDAP+2.X-Devel&format=html
(previously listed by Pierangelo Masarati)



The schema is already in CVS slapd/schema/ppolicy.schema.

I would be greatly appreciative if someone would post the policy completed. I will continue working on it (simply because I need it). So far I just have the objectclass "pwdPolicy" and attributes listed. Will I need much more than the attributes and the objectclass? I mean will I have to define any other variables, etc. for this to work correctly?

No, everything relevant is already defined.

--
 -- Howard Chu
 Chief Architect, Symas Corp.       Director, Highland Sun
 http://www.symas.com               http://highlandsun.com/hyc
 Symas: Premier OpenSource Development and Support