On 07/01/2012 14:16, Joe Friedeggs wrote:
Your initial mail does not show a 'ppolicy_default' in slapd.conf. I
believe you need to create a default ppolicy entry in LDAP, and specify
it in slapd.conf:
# Password Policy
overlay ppolicy
ppolicy_default "cn=default,ou=ppolicy,dc=local"
For testing purpose I want only to apply it to this particular user,
that's why I didn't put a default policy in slapd.conf
Without the default, or if you want a user to use something other than
default, you'll need to manually set the pwdPolicySubentry for the user.
In you case:
dn: uid=lcaron_99,ou=People,dc=local
changetype: modify
replace: pwdPolicySubentry
pwdPolicySubentry: cn=lcaron_99,ou=ppolicy,dc=local
From my 1st mail, I have the following:
"
dn: cn=lcaron_99,ou=ppolicy,dc=local
... snip ...
pwdMaxFailure: 3
dn: uid=lcaron_99,ou=People,dc=local
... snip ...
pwdPolicySubentry: cn=lcaron_99,ou=ppolicy,dc=local
"