[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ppolicy (how to get hands on the password policy response)



Prakash Velayutham wrote:
Hi,

I would like to know how to enable the password policy controls from the server side. I have ppolicy overlay enabled in my slapd.conf, but when I login as a user whose password has expired (during one of the grace logins enabled in the server standard policy) there are no warnings that show up from the client side. But I do see following messages in the server logs:

Jun 5 17:02:15 ldaptest slapd[11738]: ppolicy_bind: Setting warning for password expiry for cn=Prakash Velayutham,ou=PI-users,dc=cchrf,dc=org = 215 seconds


the result does not show PasswordPolicyControl (1.3.6.1.4.1.42.2.27.8.5.1). Could someone please let me know how to enable this control from the server side? For some reason the control seems to be not supported even with ppolicy overlay enabled.

Thanks,
Prakash

Note: I did see a thread on this topic earlier (http://www.openldap.org/lists/openldap-software/200601/msg00187.html), but there is no follow-up posted to that.

You're mistaken, this message was posted in response to the one you reference, with the correct answer:
http://www.openldap.org/lists/openldap-software/200601/msg00189.html


--
 -- Howard Chu
 Chief Architect, Symas Corp.  http://www.symas.com
 Director, Highland Sun        http://highlandsun.com/hyc
 OpenLDAP Core Team            http://www.openldap.org/project/