Re: Enabling Password Policy Messages via Extended Controls in OpenLDAP

[Quanah Gibson-Mount <quanah@stanford.edu>]

--On Tuesday, August 23, 2005 6:18 PM +0200 Buchan Milne 
<bgmilne@obsidian.co.za> wrote:

> But, according to the draft, the control for ppolicy is
> 1.3.6.1.4.1.42.2.27.8.5.1 ... my 2.3.5 box with ppolicy enabled also
> doesn't display this control ...
>
>
> > for example from my systems running OpenLDAP 2.3.6
> >
> > > Which doesn't tell me what extended controls are
> > > supported in this directory.  Am I still doing
> > > something wrong here?
> >
> >
> > See above.
> >
> > > How do I configure the directory to have
> > > password-policy server-side controls sent back to the
> > > client?
> >
> >
> > Use the ppolicy overlay, I'm guessing.
>
> Still leaves some questions unanswered ... or am I missing something?

Probably not... I don't use the ppolicy overlay, so I don't know if it is 
correctly registering the control or not. ;)  I was mainly pointing out how 
to get the list of supported controls, since the user was having a problem 
at that level.

There were some changes to ppolicy between 2.3.5 and 2.3.6, IIRC, so maybe 
it is fixed in that release.

--Quanah

--
Quanah Gibson-Mount
Principal Software Developer
ITSS/Shared Services
Stanford University
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html

"These censorship operations against schools and libraries are stronger
than ever in the present religio-political climate. They often focus on
fantasy and sf books, which foster that deadly enemy to bigotry and blind
faith, the imagination." -- Ursula K. Le Guin