Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.

Dismiss

OpenLDAP password Overlays

8 views

Skip to first unread message

PigInACage

unread,

Aug 29, 2009, 6:03:36 AM8/29/09

hello all.
I'm quite mad trying to understand the Password Overlays on OpenLDAP
I'm using openldap 2.3.43 on Redhat EL 5.3

I'm using the default ppolicy schema and module
trying to add this ldif
dn: ou=Policies,dc=example,dc=com
objectclass: organizationalUnit
objectclass: top
ou: Policies
dn: cn=Standard,ou=Policies,dc=example,dc=com
cn: Standard
objectClass: pwdPolicy
objectClass: person
objectClass: top
pwdAttribute: 2.5.4.35
pwdMinAge: 60
# 30 days: 60 sec * 60 min * 24 hr * 30 days
pwdMaxAge: 2592000
pwdCheckQuality: 1
pwdMinLength: 7
# Warn three days in advance
pwdExpireWarning: 259200
pwdGraceAuthNLimit: 3
pwdLockout: TRUE
pwdLockoutDuration: 1200
pwdMaxFailure: 1
pwdFailureCountInterval: 1200
pwdMustChange: TRUE
pwdAllowUserChange: TRUE
pwdSafeModify: TRUE
objectclass: device
objectclass: pwdPolicy

Reading the book "MAstering LDAP" and http://www.openldap.org/doc/admin24/guide.html#Overlays
but does not work..
all the rules seems to be setted, but if I try to wrong the password
it prompts me again for 3 times (I setted 1)
Really thanks

0 new messages