
Re: OL 2.3.7 and password policy



> On Mon, 2005-09-12 at 17:10 -0700, Howard Chu wrote:
>> Samuel Tran wrote:
>> > Hi All,
>> >
>> > I am testing OL 2.3.7 on a Debian Sarge box.
>> > I would like to implement the password policy overlay.
>> >
>> > When I try to create a dn that would hold the password policy:
>> >
>> > stran@educ236:~$ ldapmodify -vv -x -W -D
>> > "uid=stran,ou=people,dc=example,dc=com" -H ldap://localhost -f
>> > passwd_cn.ldif
>> > ldap_initialize( ldap://localhost )
>> > Enter LDAP Password:
>> > replace cn:
>> >         password
>> > replace objectClass:
>> >         organizationalRole
>> >         pwdPolicy
>> > replace pwdattribute:
>> >         userpassword
>> > modifying entry "cn=password,ou=Policies,dc=example,dc=com"
>> > modify complete
>> > ldap_modify: Invalid syntax (21)
>> >         additional info: pwdattribute: value #0 invalid per syntax
>> >
>> > I don't understand why I get that error message.
>> >
>> >
>> It looks like slapd's objectIdentifierMatch rule doesn't understand
>> descriptions (though it is supposed to). You'll have to use the numeric
>> OID instead, until that is fixed.
>>
>
> Howard,
>
> I tried using the userPassword OID instead and got another error
> message:
>
> stran@educ236:~$ ldapmodify -vv -x -W -D
> "uid=stran,ou=people,dc=example,dc=com" -H ldap://localhost -f
> passwd_cn.ldif
> ldap_initialize( ldap://localhost )
> Enter LDAP Password:
> replace cn:
>         password
> replace objectClass:
>         organizationalRole
>         pwdPolicy
> replace pwdattribute:
>         2.5.4.35
> modifying entry "cn=password,ou=Policies,dc=example,dc=com"
> modify complete
> ldap_modify: No such object (32)
>         matched DN: ou=Policies,dc=example,dc=com
>
> I filed an ITS: #4025
> http://www.OpenLDAP.org/its/index.cgi?findid=4025
>

Using the numeric OID actually worked. I wrongly used ldapmodify instead
of ldapadd. However, using the name 'userPassword' still does not work.

Sam
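
The resolution reported above, written out as an added example that is not part of the original thread: a policy entry for the DN used in the thread, with `pwdAttribute` given as the numeric OID and an explicit `changetype: add` so the entry is created rather than modified. The file contents are assumed (the poster's `passwd_cn.ldif` is not shown), and the policy values are constructed for illustration.

```ldif
# Constructed example; the original passwd_cn.ldif is not shown in the thread.
#
# Load with ldapadd, which creates the entry:
#   ldapadd -x -W -D "uid=stran,ou=people,dc=example,dc=com" \
#     -H ldap://localhost -f passwd_cn.ldif
# Plain ldapmodify on a file without a changetype issued "replace"
# operations against an entry that did not exist yet, hence
# "No such object (32)" with matched DN ou=Policies,dc=example,dc=com.
# With "changetype: add" below, either tool adds the entry.
#
# Assumes ou=Policies,dc=example,dc=com already exists (the matched DN
# in the thread shows it does).
#
# pwdAttribute uses 2.5.4.35, the numeric OID of userPassword, because
# the descriptive name was rejected with "Invalid syntax (21)" on 2.3.7.
#
# The remaining pwd* attributes come from the ppolicy schema; their
# values are illustrative assumptions, not recommendations from the thread:
#   pwdMinLength        minimum password length
#   pwdCheckQuality     1 = check quality when the server is able to
#   pwdInHistory        number of previous passwords remembered
#   pwdMaxAge           seconds before a password expires (90 days)
#   pwdMaxFailure       failed binds before lockout
#   pwdLockout          enable lockout after pwdMaxFailure failures
#   pwdLockoutDuration  seconds an account stays locked
#   pwdMustChange       force a change after an administrative reset
dn: cn=password,ou=Policies,dc=example,dc=com
changetype: add
objectClass: organizationalRole
objectClass: pwdPolicy
cn: password
pwdAttribute: 2.5.4.35
pwdMinLength: 12
pwdCheckQuality: 1
pwdInHistory: 5
pwdMaxAge: 7776000
pwdMaxFailure: 5
pwdLockout: TRUE
pwdLockoutDuration: 900
pwdMustChange: TRUE
```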