[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#5310) ppolicy

To: openldap-its@OpenLDAP.org
Subject: Re: (ITS#5310) ppolicy
From: mhardin@symas.com
Date: Wed, 9 Jan 2008 01:28:44 GMT

Hi Kevin,

The ITS system is for reporting defects in OpenLDAP, and the symptoms 
you are describing are not indicative of that. The OpenLDAP team will 
probably close this ITS with a comment to that effect.

The 'passwd' command is an OS tool, not part of OpenLDAP. Its 
interaction with OpenLDAP is through the pam_ldap module, and the 
conifguration of that module is most likely where your problem lies. I 
suggest posting this question on the pam_ldap mailing list that is 
operated by PADL, or requesting support from your OS vendor (RedHat?).

Cheers,

-Matt

-- 

Matthew Hardin
Symas Corporation - The LDAP Guys
http://www.symas.com

khxie@directv.com wrote:
> Full_Name: Kevin Xie
> Version: 2.3.39
> OS: RHEL 4 update 3
> URL: ftp://ftp.openldap.org/incoming/
> Submission from: (NULL) (147.21.16.3)
>
>
> I am testing ppolicy on OpenLDAP 2.3.39 and 2.3.38. 
> When user password expired, LDAP forced user to change password using "passwd",
> it bypassed all the ppolicy settings, like, PwdMinLength, PwdInHistory. 
> Is there a way to force "passwd" to check LDAP ppolicy like "ldappasswd" does? 
> Is it because "passwd" and "ldappasswd" using different encryption methods?
>
> I've uploaded ppolicy and slapd.conf in khxie_ppolicy.txt.
> I've google searched the issue and didn't find any anwser.
>
> Thanks for your help.
>
> Kevin Xie
>
>
> .
>
>

Prev by Date: (ITS#5314) slapd crashed in syncrepl and mirror mode when deleting entry
Next by Date: Re: (ITS#5312) ldapmodify(1) man page claims that "changetype:" not necessary
Index(es):
- Chronological
- Thread