[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: how implement pwdpolicy



On Tuesday 28 April 2009 08:44:41 Rahima Shaheen wrote:
> 5.	Now I want to create policy.ldif. Script
>
> dn: cn=default,ou=policies,dc=my-domain,dc=com
>
> cn: default
>
> objectClass: pwdPolicy
>
> objectClass: person
>
> objectClass: top
>
> pwdAllowUserChange: TRUE
>
> pwdAttribute: userPassword
>
> pwdCheckQuality: 2
>
> pwdExpireWarning: 600
>
> pwdFailureCountInterval: 30
>
> pwdGraceAuthNLimit: 5
>
> pwdInHistory: 5
>
> pwdLockout: TRUE
>
> pwdLockoutDuration: 0
>
> pwdMaxAge: 0
>
> pwdMaxFailure: 5
>
> pwdMinAge: 0
>
> pwdMinLength: 5
>
> pwdMustChange: FALSE
>
> pwdSafeModify: FALSE
>
> #sn: 'dummy value' objectClass: organizationalUnit
>
>
>
> It gives an error "Invalid syntax (21) pwdAttribute: value #0 invalid
> per syntax. 

I forget exactly when/which versions, but you may have to specify the OID of 
the password attribute, not the name, in pwdAttribute.

Regards,
Bucha