[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Ppolicy does not seem to work

To: Jan Kohnert <nospam001-lists@jankoh.dyndns.org>
Subject: Re: Ppolicy does not seem to work
From: Howard Chu <hyc@symas.com>
Date: Mon, 14 Feb 2011 14:23:30 -0800
Cc: openldap-technical@openldap.org
In-reply-to: <201102142307.32640.nospam001-lists@jankoh.dyndns.org>
References: <201102131745.23415.nospam001-lists@jankoh.dyndns.org> <201102142307.32640.nospam001-lists@jankoh.dyndns.org>
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:2.0b11pre) Gecko/20110130 Firefox/4.0b11pre SeaMonkey/2.1b2pre

Jan Kohnert wrote:

So there comes the next question: Is there a way to lock out specific users
permanently (other than creating a cronjob setting the lockout time new after
900s) or do I need to set pwdLockoutDuration to inf and so are forced to
manually reset users whose accounts were tried to be cracked?

Read the slapo-ppolicy manpage again. This is explicitly documented.

--
  -- Howard Chu
  CTO, Symas Corp.           http://www.symas.com
  Director, Highland Sun     http://highlandsun.com/hyc/
  Chief Architect, OpenLDAP  http://www.openldap.org/project/

Follow-Ups:
- Re: Ppolicy does not seem to work
  - From: Andrew Findlay <andrew.findlay@skills-1st.co.uk>

References:
- Ppolicy does not seem to work
  - From: Jan Kohnert <nospam001-lists@jankoh.dyndns.org>
- Re: Ppolicy does not seem to work
  - From: Jan Kohnert <nospam001-lists@jankoh.dyndns.org>

Prev by Date: Re: Ppolicy does not seem to work
Next by Date: Aliasing entries with reserved characters
Index(es):
- Chronological
- Thread