[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Password policy definitions

To: "Michael Ströder" <michael@stroeder.com>
Subject: Re: Password policy definitions
From: "Gustavo Mendes de Carvalho" <gmcarvalho@gmail.com>
Date: Mon, 28 Apr 2008 10:29:01 -0300
Cc: openldap-technical@openldap.org
Content-disposition: inline
In-reply-to: <481307CB.7070609@stroeder.com>
References: <mailman.6.1209038401.7757.openldap-technical@openldap.org> <002801c8a662$466f1530$6400a8c0@pentiumdual> <200804251038.25576.bgmilne@staff.telkomsa.net> <d363b8eb0804251907r1115541v99971b5bc49c28a9@mail.gmail.com> <d363b8eb0804251926y537411a0u4e32394671d9abc1@mail.gmail.com> <481307CB.7070609@stroeder.com>

Hi Michael

According with man 5 slapo-policy and OpenLDAP site docs, in attribute
pwdAttribute I have to input value userPassword, but this attribute
does not support strings (according with my tries), so I inserted
correspondent userPassword OID (1.3.6.1.4.1.1466.115.121.1.40) and
even number 1 or 0 (to enable or disable checking).

After that I defined in pwdMaxFailure to 2 and pwdLockout to TRUE, and
then I tried twice wrong passwords and in the third shot I was able to
connect in.
Another test tah I did was defining pwdExpireWarning to few minutes
(5) and pwdMaxAge to 10 minutes, but when I do login, I didn't receive
warning message, and I can login after 10 minutes after first login.

Is there any missing parameter that I have to setup or do I am doing
something wrong ?

Thanks

2008/4/26 Michael Ströder <michael@stroeder.com>:
> Gustavo Mendes de Carvalho wrote:
>
> >
> > 2008/4/25 Gustavo Mendes de Carvalho <gmcarvalho@gmail.com>:
> >
> >
> > >  I already installed version 2.3 but now I would like to know wher can
> > >  I get some documentation about configuring back_passwd.la. Do you have
> > >  any link describing it ?
> > >
> >
> > Sorry about my mistake.
> >
> > I meant to say ppolicy.la
> >
>
>  man 5 slapo-ppolicy
>
>  For OpenLDAP 2.3:
>
> http://www.openldap.org/software/man.cgi?query=slapo-ppolicy&apropos=0&sektion=0&manpath=OpenLDAP+2.3-Release&format=html
>
>  For OpenLDAP 2.4:
>
> http://www.openldap.org/software/man.cgi?query=slapo-ppolicy&apropos=0&sektion=0&manpath=OpenLDAP+2.4-Release&format=html
>
>  Ciao, Michael.
>

-- 
---
Gustavo Mendes de Carvalho
e-mail: gmcarvalho@gmail.com

Follow-Ups:
- Re: Password policy definitions
  - From: Michael Ströder <michael@stroeder.com>

References:
- Password policy definitions
  - From: "Gustavo Mendes de Carvalho" <gmcarvalho@gmail.com>
- Re: Password policy definitions
  - From: Buchan Milne <bgmilne@staff.telkomsa.net>
- Re: Password policy definitions
  - From: "Gustavo Mendes de Carvalho" <gmcarvalho@gmail.com>
- Re: Password policy definitions
  - From: "Gustavo Mendes de Carvalho" <gmcarvalho@gmail.com>
- Re: Password policy definitions
  - From: Michael Ströder <michael@stroeder.com>

Prev by Date: RE: Compiling openldap-2.4.8 on cygwin
Next by Date: ldap_sasl_interactive_bind_s: Local error (-2)
Index(es):
- Chronological
- Thread