[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ppolicy: invalid value for attributeType pwAttribute -- for "userPassword"



Hi,

Chris Shenton <chris.shenton@nasa.gov> writes:

> On Feb 23, 2008, at 3:11 AM, Dieter Kluenter wrote:
>
>> Chris Shenton <chris.shenton@nasa.gov> writes:
>>
>>> I'm running 2.3.39 and using ppolicy to enforce our password
>>> policy. Got an LDIF file:
[...]
>>> pwdAttribute:                   userPassword
>>
>> pwdAttribute value should contain the OID of attribute type
>> userpassword,
>> which is 2.5.4.35
>
> Thanks, that got me going.  I could swear I used "userPassword" in a
> previous version of OpenLDAP.
>
> Perhaps the docs and LDIF file should mention that you need to use the
> OID rather than the name?
> Both the man page for slapo-ppolicy and draft-behera-ldap-password-
> policy-xx.txt say "userPassword".

The only reference I have at hand right now is my own documentation,
but I could swear that the original information had been in some
documentation, either man slapo-ppolicy,
draft-behera-ldap-password-policy or in ppolicy.c. But someone with
more detailed inside knowledge may comment on this issue and clarify. 

-Dieter

-- 
Dieter Klünter | Systemberatung
http://www.dkluenter.de
GPG Key ID:8EF7B6C6