[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: invalid syntax on pwdPolicy object add
- To: openldap-technical@openldap.org
- Subject: Re: invalid syntax on pwdPolicy object add
- From: Emmanuel Lecharny <elecharny@gmail.com>
- Date: Tue, 14 Sep 2010 10:51:01 +0200
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:reply-to :user-agent:mime-version:to:subject:references:in-reply-to :content-type:content-transfer-encoding; bh=izzrzh0EF9aMdaaMjHULBJuagwb+p0OnLF5ckqkQTms=; b=bLKKCIMS7Dc8OJq7mPykPXEECqj9axvq0uNoZ96aGjx7DlJIZz01yxlRrIYZ4MiDlY tAIk/hKEO9qmWkyAKB9YTWZFOXIgdWaBZHacKjkTJPYEbJ4zp+Xt8afc0oNVlJxI2xHE e6YRbAXM0HQ5yiDBDnSu+JQWh97dinn9/vO/g=
- Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:reply-to:user-agent:mime-version:to:subject :references:in-reply-to:content-type:content-transfer-encoding; b=nVLKraTofMTU4/yqWE7AM6RSu6ZAzXMC+TQAKBbBOZHdCnkthQITi783N9OFCTY/wm iAjxog7c0lFCzyUnOL6GqpIoLBJ3l05ETm4owwcKVt2Ybfzofb4byNxua7lZyGpO44LQ glkNk0eeYEnyxsD65vHeyQICcAHRZoMAdS0f4=
- In-reply-to: <173796.75087.qm@web29114.mail.ird.yahoo.com>
- References: <173796.75087.qm@web29114.mail.ird.yahoo.com>
- User-agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US; rv:1.9.2.9) Gecko/20100825 Thunderbird/3.1.3
On 9/14/10 8:40 AM, mailing lists wrote:
Hello,
I think that the pwdAttribute needs an OID value (specified by the syntax)
so you would must use the OID of the userPassword attribute which is
2.5.4.35
I thought that would be a possibility for the failure Kiran and Julien
are facing, (please guys, can you give it a try ?), but IMO, there is no
reason why we would not be allowed to use 'userPassword' in this context.
Using the OID instead of the alias name does not carry any extra
information, as soon as the alias is valid accordingly to the schema
(whatever it represents, be it an AT, OC, MR, or any of the other kind
of schema objects). The syntax should just check that the alias is
syntaxically correct. It's up to the ppolicy overlay to check that the
value is a valid AT.
Plus the error message is really misleading if this is the cause for the
error.
--
Regards,
Cordialement,
Emmanuel Lécharny
www.iktek.com