[Date Prev][Date Next] [Chronological] [Thread] [Top]

(ITS#7055) pwcheck Module for slapo-ppolicy

To: openldap-its@OpenLDAP.org
Subject: (ITS#7055) pwcheck Module for slapo-ppolicy
From: lukas.graesslin@collax.com
Date: Sat, 1 Oct 2011 11:19:38 GMT
Auto-submitted: auto-generated (OpenLDAP-ITS)

Full_Name: Lukas Grässlin
Version: Latest Git
OS: Arch Linux
URL: http://dl.dropbox.com/u/32193848/src/0001-Added-pwcheck-module-for-the-slapo-ppolicy-overlay.patch
Submission from: (NULL) (88.67.244.45)


Hi there,

I wrote a new pwcheck module for the slapo-ppolicy overlay which is able to
handle multiple different policies.

My problem was:

I have multiple password policies which are applied to different users.
The policies differ in strength etc. The problem was that with the only pwcheck
modul you can find on the net
(https://ltb-project.org/svn/openldap-ppolicy-check-password/trunk/) you just
define one 'policy-thing' which will be checked if check-password.so is run.

I wanted to have something were you also can define multiple policies which also
can differ, so I wrote my own module which reads two config files:

$CONFDIR/ppolicies:
There are the policies defined. Example:

[Default]
min_len     = 8
min_digit   = 1
min_lower   = 1
min_special = 1
min_upper   = 1

$CONFDIR/users:
These file holds the relation between users and policies:

uid=lukas,ou=People,dc=example,dc=com : Default

Well, it would have been nicer if that policy definition & co would also be
stored in ldap, but the config-file-way was the faster one as it had to be
finished quick.

Whatever, maybe some of you could need this or improve it.

Prev by Date: Re: (ITS#7040) Out of sync consumer replicas after standby master takes over (MMR)
Next by Date: Re: (ITS#6979) test062 portability
Index(es):
- Chronological
- Thread