[Date Prev][Date Next] [Chronological] [Thread] [Top]

(ITS#7055) pwcheck Module for slapo-ppolicy

Full_Name: Lukas Grässlin
Version: Latest Git
OS: Arch Linux
URL: http://dl.dropbox.com/u/32193848/src/0001-Added-pwcheck-module-for-the-slapo-ppolicy-overlay.patch
Submission from: (NULL) (

Hi there,

I wrote a new pwcheck module for the slapo-ppolicy overlay which is able to
handle multiple different policies.

My problem was:

I have multiple password policies which are applied to different users.
The policies differ in strength etc. The problem was that with the only pwcheck
modul you can find on the net
(https://ltb-project.org/svn/openldap-ppolicy-check-password/trunk/) you just
define one 'policy-thing' which will be checked if check-password.so is run.

I wanted to have something were you also can define multiple policies which also
can differ, so I wrote my own module which reads two config files:

There are the policies defined. Example:

min_len     = 8
min_digit   = 1
min_lower   = 1
min_special = 1
min_upper   = 1

These file holds the relation between users and policies:

uid=lukas,ou=People,dc=example,dc=com : Default

Well, it would have been nicer if that policy definition & co would also be
stored in ldap, but the config-file-way was the faster one as it had to be
finished quick.

Whatever, maybe some of you could need this or improve it.