
RE: Applying individual password policies



That did the trick and makes sense. I was following a tutorial online that had the ldif I was trying to add... Much thanks..

-Mike


Date: Fri, 22 Oct 2010 10:06:28 +0530
From: aravind.divakaran@yukthi.com
To: mlstarling31@hotmail.com
CC: openldap-technical@openldap.org
Subject: Re: Applying individual password policies

On 10/22/2010 06:40 AM, Michael Starling wrote:
OPENLDAP 2.43

I have a default password policy working OK but I'd like to override the default policy for one individual.

I create the policy and add this LDIF without any problems.

dn: cn=user,ou=Policies,dc=mdvcat,dc=lott
cn: user
objectClass: pwdPolicy
objectClass: person
objectClass: top
sn: Password Policy
pwdAttribute: UserPassword
pwdMaxAge: 0
pwdLockout: FALSE
pwdMinLength: 10




I then try to apply the policy to a user with the following LDIF


dn: uid=ldapmgr,ou=people,dc=mdvcat,dc=lott
changetype: modify
add: pwdPolicySubentry
pwdPolicy: cn=user,ou=Policies,dc=mdvcat,dc=lott


The attribute is pwdPolicySubentry not pwdPolicy.

dn: uid=ldapmgr,ou=people,dc=mdvcat,dc=lott
changetype: modify
add: pwdPolicySubentry
pwdPolicySubentry: cn=user,ou=Policies,dc=mdvcat,dc=lott


Try the above ldif.

- Aravind



I receive the following error.

ldapadd -f ldapmgr.ldif -x -D cn=root,dc=mdvcat,dc=lott -W
Enter LDAP Password:
modifying entry "uid=ldapmgr,ou=people,dc=mdvcat,dc=lott"
ldapadd: Undefined attribute type (17)
        additional info: pwdPolicy: attribute type undefined



Any help would be appreciated

Thanks,

-Mike
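
An added example (not part of the thread or of OpenLDAP): a small Python linter that catches the mismatch corrected above, where the attribute named on the `add:` line differs from the attribute on the value line, before the LDIF is sent to the server. The function names and the embedded sample records are constructed for illustration from the LDIF quoted in the thread.

```python
import re

# Constructed sample input: the broken change record from the thread and its fix.
BROKEN = """\
dn: uid=ldapmgr,ou=people,dc=mdvcat,dc=lott
changetype: modify
add: pwdPolicySubentry
pwdPolicy: cn=user,ou=Policies,dc=mdvcat,dc=lott
"""
FIXED = BROKEN.replace("pwdPolicy: ", "pwdPolicySubentry: ")
MOD_OPS = {"add", "delete", "replace"}

def unfold(text):
    """Join LDIF continuation lines (a leading space continues the previous line)."""
    return re.sub(r"\r?\n ", "", text)

def lint_modify(ldif):
    """Return (dn, op, declared_attr, found_attr) for each value line whose
    attribute differs from the one declared by the preceding add/delete/replace."""
    problems = []
    for record in re.split(r"\n\s*\n", unfold(ldif).strip()):
        dn, in_modify, current = None, False, None
        for line in record.splitlines():
            if not line or line.startswith("#"):
                continue
            if line == "-":          # separator between operations in one record
                current = None
                continue
            name, sep, value = line.partition(":")
            if not sep:
                continue
            key = name.strip().lower()
            value = value.lstrip(":<").strip()   # tolerate "::" (base64) and ":<" (URL)
            if key == "dn":
                dn = value
            elif key == "changetype":
                in_modify = value.lower() == "modify"
            elif in_modify and current is None and key in MOD_OPS:
                current = (key, value)
            elif in_modify and current is not None:
                # Attribute options (";binary") do not change the base type.
                if key.split(";")[0] != current[1].split(";")[0].lower():
                    problems.append((dn, current[0], current[1], name.strip()))
    return problems
```

Running `lint_modify` over a file before `ldapmodify` reports the record that would otherwise fail with "Undefined attribute type (17)"; it checks only name consistency, not whether the attribute exists in the server's schema.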