[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Password policy definitions

To: openldap-technical@openldap.org
Subject: Re: Password policy definitions
From: Buchan Milne <bgmilne@staff.telkomsa.net>
Date: Fri, 25 Apr 2008 10:38:24 +0200
Cc: Gustavo Mendes de Carvalho <gmcarvalho@gmail.com>
Content-disposition: inline
In-reply-to: <002801c8a662$466f1530$6400a8c0@pentiumdual>
References: <mailman.6.1209038401.7757.openldap-technical@openldap.org> <002801c8a662$466f1530$6400a8c0@pentiumdual>
User-agent: KMail/1.9.9

On Friday 25 April 2008 01:23:52 Gustavo Mendes de Carvalho wrote:
> Hi there,
>
> I noted that ppolicy is yet in development and because of that I would like
> to check how can I do some password history check. I mean, how can I apply
> same password policy defined in /etc/pam.d/system-auth, like history, size,
> new chars when changing password, and so on ?

Here is one example:
http://open.calivia.com/projects/openldap/
http://open.calivia.com/projects/openldap/browser/check_password

> I running OpenLDAP 2.2.13,

Which doesn't have ppolicy at all.

> because is the RHAS4 current version. 

Poor excuse: http://staff.telkomsa.net/packages/rhel4/openldap/ , which has 
ppolicy. I will look at including the check_password.c plugin from above in 
the packages as well.

> Is there any way to force LDAP Seerver to use /etc/pam.d/system-auth
> definitions ?

No.

Follow-Ups:
- Compiling openldap-2.4.8 on cygwin
  - From: "Clemson, Chris $IHG$" <Chris.Clemson@ihg.com>
- Re: Password policy definitions
  - From: "Gustavo Mendes de Carvalho" <gmcarvalho@gmail.com>

References:
- Password policy definitions
  - From: "Gustavo Mendes de Carvalho" <gmcarvalho@gmail.com>

Prev by Date: Re: Password policy definitions
Next by Date: Serious performance problems
Index(es):
- Chronological
- Thread