[Date Prev][Date Next]
(ITS#7055) pwcheck Module for slapo-ppolicy
Full_Name: Lukas Grässlin
Version: Latest Git
OS: Arch Linux
Submission from: (NULL) (18.104.22.168)
I wrote a new pwcheck module for the slapo-ppolicy overlay which is able to
handle multiple different policies.
My problem was:
I have multiple password policies which are applied to different users.
The policies differ in strength etc. The problem was that with the only pwcheck
modul you can find on the net
(https://ltb-project.org/svn/openldap-ppolicy-check-password/trunk/) you just
define one 'policy-thing' which will be checked if check-password.so is run.
I wanted to have something were you also can define multiple policies which also
can differ, so I wrote my own module which reads two config files:
There are the policies defined. Example:
min_len = 8
min_digit = 1
min_lower = 1
min_special = 1
min_upper = 1
These file holds the relation between users and policies:
uid=lukas,ou=People,dc=example,dc=com : Default
Well, it would have been nicer if that policy definition & co would also be
stored in ldap, but the config-file-way was the faster one as it had to be
Whatever, maybe some of you could need this or improve it.