[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ppolicy by group

To: Jeroen van Aart <kroshka@atypon.com>
Subject: Re: ppolicy by group
From: Howard Chu <hyc@symas.com>
Date: Wed, 18 Jun 2008 16:41:00 -0700
Cc: openldap-software@openldap.org
In-reply-to: <48598859.6020903@atypon.com>
References: <48512965.7070504@zrmt.com> <19291fe0806120843n2cc3f637j77a19e6b7d225ec8@mail.gmail.com> <4856ED5A.3070005@zrmt.com> <48578F88.1030104@suretecsystems.com> <48598859.6020903@atypon.com>
User-agent: Mozilla/5.0 (X11; U; Linux i686; rv:1.9pre) Gecko/2008043023 SeaMonkey/2.0a1pre

Jeroen van Aart wrote:

Gavin Henry wrote:

man slapo-ppolicy:

"Every account that should be subject to password policy control should
have a pwdPolicySubentry attribute containing the DN of a valid
pwdPolicy entry, or they can simply use the configured default. In this
way different users may be managed according to different policies."


Is it safe to conclude from that that if there is no default policy
configured then unless an account has a pwdPolicySubentry containing the
DN of a valid pwdPolicy entry it will not be subject to password policy?


Read the manpage yourself, it's all explained there already.

--
  -- Howard Chu
  CTO, Symas Corp.           http://www.symas.com
  Director, Highland Sun     http://highlandsun.com/hyc/
  Chief Architect, OpenLDAP  http://www.openldap.org/project/

Follow-Ups:
- Re: ppolicy by group
  - From: Jeroen van Aart <kroshka@atypon.com>

References:
- ppolicy by group
  - From: Andy Loughran <andy@zrmt.com>
- Re: ppolicy by group
  - From: "Adam Leach" <adam.m.leach@gmail.com>
- Re: ppolicy by group
  - From: andylockran <andy@zrmt.com>
- Re: ppolicy by group
  - From: Gavin Henry <ghenry@suretecsystems.com>
- Re: ppolicy by group
  - From: Jeroen van Aart <kroshka@atypon.com>

Prev by Date: Re: ppolicy by group
Next by Date: Re: ppolicy by group
Index(es):
- Chronological
- Thread