[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: ppolicy
On Freitag, 11. April 2008, Rick Stevens wrote:
> Howard Chu wrote:
> > Chris G. Sellers wrote:
> >> Rick,
> >>
> >> try
> >>
> >> ldapsearch -{normal stuff here} cn=<value> '*' '+'
> >>
> >> And then man ldapsearch and read the 'operational' section of the
> >> manpage (near the top)
> >>
> >> On Apr 10, 2008, at 6:35 AM, Gavin Henry wrote:
> >>> Rick Stevens wrote:
> >>>> I've got a question regarding the ppolicy overlay. I've read
> >>>> the docs I
> >>>> can find for it on the web, but there's a couple of holes in
> >>>> them and in
> >>>> my knowledge.
> >>>> I've got the config set up (schema, module load, external check
> >>>> library)
> >>>> and such. I've got the default policy DN in the database and
> >>>> such. From slapd.conf:
> >>>> overlay ppolicy
> >>>> ppolicy_default \
> >>>> "cn=DefaultPassword,ou=Policies,dc=billing,dc=com"
> >>>> ppolicy_use_lockout
> >>>> ppolicy_hash_cleartext
> >
> > If the above extract from slapd.conf was quoted exactly, then it is
> > wrong. Read the slapd.conf(5) manpage.
>
> The "ppolicy_default" stuff is on one line. I reformatted it for my
> mail client.
The indentation is the problem. The slapd.conf(5) manpage states this:
"If a line begins with white space, it is considered a continuation
of the previous line."
All the ppolicy statements have to be on separate lines as they are
separate config options.
--
Ralf