Hi, list.
The are several ways to implement password policy now -- shadowAccount
for pam, sambaAccountPolicy for samba and password policy overlay for
both.
All this are not perfect.
shadowAccount and sambaAccountPolicy can't block login to www, for
example, and they work on client side.
ppolicy overlay work fine, but, if password blocked, client, usualy,
haven't details.
My idea -- mapping ppolicy overlay rules to samba and shadow fields in
users dn on server side. Is it possible? If yes -- how?