
Re: Applying individual password policies



On 10/22/2010 06:40 AM, Michael Starling wrote:
OPENLDAP 2.43

I have a default password policy working OK but I'd like to override the default policy for one individual.

I create the policy and add this LDIF without any problems.

dn: cn=user,ou=Policies,dc=mdvcat,dc=lott
cn: user
objectClass: pwdPolicy
objectClass: person
objectClass: top
sn: Password Policy
pwdAttribute: UserPassword
pwdMaxAge: 0
pwdLockout: FALSE
pwdMinLength: 10




I then try to apply the policy to a user with the following LDIF


dn: uid=ldapmgr,ou=people,dc=mdvcat,dc=lott
changetype: modify
add: pwdPolicySubentry
pwdPolicy: cn=user,ou=Policies,dc=mdvcat,dc=lott


The attribute is pwdPolicySubentry not pwdPolicy.

dn: uid=ldapmgr,ou=people,dc=mdvcat,dc=lott
changetype: modify
add: pwdPolicySubentry
pwdPolicySubentry: cn=user,ou=Policies,dc=mdvcat,dc=lott


Try the above ldif.

- Aravind



I receive the following error.

ldapadd -f ldapmgr.ldif -x -D cn=root,dc=mdvcat,dc=lott -W
Enter LDAP Password:
modifying entry "uid=ldapmgr,ou=people,dc=mdvcat,dc=lott"
ldapadd: Undefined attribute type (17)
        additional info: pwdPolicy: attribute type undefined



Any help would be appreciated.

Thanks,

-Mike
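
A pre-flight check for the mistake corrected in this thread, as an added example that is not part of either poster's message: in a `changetype: modify` record, the value lines must name the same attribute as the `add:`/`delete:`/`replace:` line above them. The function name `lint_modify_ldif` is hypothetical; the two LDIF records are the ones quoted in the thread.

```python
import re

OPS = ("add", "delete", "replace")

def lint_modify_ldif(text):
    """Return (dn, operation_attr, value_attr) for each mismatched value line."""
    problems = []
    for record in re.split(r"\n\s*\n", text.strip()):
        dn, is_modify, op_attr = None, False, None
        for line in record.splitlines():
            if not line or line[0] in "# ":   # comment or folded continuation
                continue
            if line.strip() == "-":           # end of one modification
                op_attr = None
                continue
            name, _, value = line.partition(":")
            value = value.lstrip(":<").strip()  # also accept "attr::" and "attr:<"
            key = name.strip().lower()
            if key == "dn":
                dn = value
            elif key == "changetype":
                is_modify = value.lower() == "modify"
            elif is_modify and op_attr is None and key in OPS:
                op_attr = value
            elif is_modify and op_attr is not None:
                # Compare base names only, ignoring options such as ";binary".
                if key.split(";")[0] != op_attr.lower().split(";")[0]:
                    problems.append((dn, op_attr, name.strip()))
    return problems

# The two records from the thread: the rejected one and the corrected one.
BROKEN = """\
dn: uid=ldapmgr,ou=people,dc=mdvcat,dc=lott
changetype: modify
add: pwdPolicySubentry
pwdPolicy: cn=user,ou=Policies,dc=mdvcat,dc=lott
"""
FIXED = BROKEN.replace("pwdPolicy: ", "pwdPolicySubentry: ")

if __name__ == "__main__":
    for label, ldif in (("broken", BROKEN), ("fixed", FIXED)):
        for dn, op_attr, value_attr in lint_modify_ldif(ldif):
            print(f"{label}: {dn}: operation names {op_attr!r} "
                  f"but value line names {value_attr!r}")
```

Running it over a change file before `ldapadd`/`ldapmodify` catches the mismatch locally instead of as an "Undefined attribute type (17)" response from the server.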