[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Password policy



Le 23/11/2012 17:04, Michael Ströder a écrit :
Guillaume Rousse wrote:
Le 19/11/2012 17:24, jeevan kc a écrit :
Or how about creating an OU=policies under the root DIT and including these
Objectclass: person
This class is perfectly useless here

Do you mean objectclass: person? It's needed. Otherwise..

Objectclass: pwdpolicy
Objectclass: top
cn:default
pwdAttribute:2.5.4.35
sn:summy
pwdlockout:True
pwdMaxfailure:3

..one would not be able to
1. use *auxiliary* object class 'pwdpolicy' and
2. set attribute 'cn' in the entry.

(I usually use structural objectClass 'applicationProcess' along with
'pwdpolicy').
Indeed, you need a structural object class. But Person is definitively not a good idea, unless you want to blur the issue more than needed. I personaly use organizationalRole for this purpose.

--
BOFH excuse #412:

Radial Telemetry Infiltration