[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Password policy
- To: jeevan kc <jeev_biz@hotmail.com>
- Subject: Re: Password policy
- From: Mauricio Tavares <raubvogel@gmail.com>
- Date: Mon, 19 Nov 2012 10:42:36 -0500
- Cc: openldap-technical@openldap.org
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=jaUDWH2Lm8fTNLmUtxWKUGaf54MgLSjz54VF/qbJUh0=; b=q9oBbIVhLVlV1yr02aZZjt5teUlhQ+qcuPct/TsJlycQEyb6cRNRuzlXXDJ/nIZo/J ln7QI+vUvn0R3YVkYxW6z/qrvmUR0f0MnJvVMOs+mzd+TkkuAqMdynLybM5oogfSAlm7 gUwUufpBt/l6r6/eN0TXcqOW14ohHqRxRUF+ze1Cz3H31u5g5Kb/nO9najTqcLZOZx6e ju7Yvbd2emLd86fMj6iqPn9WE/XRUbGOyQI2hmBvw+IiTNyTGSLZ6T6UsUDygpsJIYZL x7U3QLqxxwywsEIJA1XpXHpJvqI47xSUffgY+BkIpf5wVRdZameZDivf3/ov6yknSnq+ H9zg==
- In-reply-to: <SNT137-W1F6CB317E1B579F37605BFD560@phx.gbl>
- References: <SNT137-W1F6CB317E1B579F37605BFD560@phx.gbl>
On Mon, Nov 19, 2012 at 10:14 AM, jeevan kc <jeev_biz@hotmail.com> wrote:
> Hello
>
> I want to enable password policy on Openldap 2.4.30(to all users. I see that
> the ppolicy.ldif and ppolicy.schema are listed under
> /usr/local/etc/openldap/schema but are not present on
> /usr/local/etc/openldap/slapd.d/cn=config folder. So do I need to add the
> policy.ldif to the cn=config folder ? Is there like specific procedure to do
> that or can I add manually with ldapadd ? Also how do I enable that schema
> to all users ? Please help.
>
>
> Jeevan
If you have the policy as a diff, you could add it by saying
ldapadd -Y EXTERNAL -H ldapi:/// -f /path/to/ppolicy.ldif
Then you need to ldapmodify each user, adding something like
objectClass: pwdPolicy
to each of them.
This is off the top of my head, so do verify before doing exciting
thingies to your server. ;)