[Date Prev][Date Next] [Chronological] [Thread] [Top]

Configuring ppolicy problem



Hi,

I'm trying to configure ppolicy but It's not working when I set pwdMaxAge and pwdWarning (I am able to login when my password is suppose to be expired)
I tried with shadowAccount instead of PwdPolicy and It is working well.

This is my relevant setting in slapd.conf


include    /etc/openldap/schema/ppolicy.schema

moduleload    ppolicy.la

overlay    ppolicy
ppolicy_default "cn=default,ou=policies,dc=sample,dc=com"
ppolicy_use_lockout

My ldip file is:

objectClass: organizationalUnit
objectClass: top
ou: policies

dn: cn=default,ou=policies,dc=sample,dc=com
objectClass: pwdPolicy
objectClass: person
objectClass: top
cn: default
pwdAttribute: userPassword
sn: dummy
pwdAllowUserChange: TRUE
pwdCheckQuality: 2
pwdExpireWarning: 50
pwdFailureCountInternal: 30
pwdGraceAuthNLimit: 5
pwdInHistory: 5
pwdLockout: FALSE
pwdLockDuration:0
pwdMaxAge: 60
pwdMaxAge: 0
pwdMaxFailure: 5
pwdMinAge: 0
pwdMinLenght: 5
pwdMustChange: FALSE
pwdSafeModify: FALSE


dn: cn=user1,ou=policies,dc=sample,dc=com
objectClass: pwdPolicy
objectClass: person
objectClass: top
objectClass: posixAccount
objectClass: pwdPolicy
objectClass: shadowAccount
cn: user1
pwdAttribute: userPassword
gidNumber: 501
homeDirectory: /home/user1
sn: test
uid: user1
uidNumber: 501
pwdAllowUserChange: TRUE
pwdAge: 20
pwdExpireWarning: 15
userPassword: XXXXX


Thanks in advance!