[Date Prev][Date Next] [Chronological] [Thread] [Top]

can't get ppolicy to work

Hi all,

I have problem getting ppolicy working..
I use 2.3.38 version(bichan rpms), and this is a part of  my slapd.conf :

include /usr/share/openldap2.3/schema/ppolicy.schema

moduleload      ppolicy.la
moduleload      syncprov.la
moduleload      unique.la
moduleload      accesslog.la
moduleload      auditlog.la
security ssf=1 update_ssf=112 simple_bind=64
database        bdb
suffix          "dc=exemple,dc=com"
rootdn          "cn=admin,ou=system,dc=exemple,dc=com"
rootpw          {SSHA}hashedpassword
directory       /usr/local/ldap
mode    0600
overlay syncprov
syncprov-checkpoint 100 10
syncprov-sessionlog 100
ppolicy_default "cn=default,ou=policies,ou=system,dc=exemple,dc=com"

This is the ldiff file that I used to add the default policy:

dn: cn=default,ou=policies,ou=system,dc=exemple,dc=com
objectClass: top
objectClass: pwdPolicy
objectClass: organizationalRole
cn: default
pwdInHistory: 3
pwdCheckQuality: 2
pwdMinage: 60
pwdMaxAge: 0
pwdMinLength: 6
pwdLockout: TRUE
pwdMaxFailure: 3
pwdLockoutDuration: 60
pwdAllowUserChange: TRUE
pwdSafeModify: TRUE
pwdMustChange: TRUE

I didn't see any errors in slapd log file nor when I add this entry!
But When I change new users password (after ppolicy installation and as users (not rootdn), there is no password policy applied:

I changed pwdCheckQuality from 1 to 2, but the results is the same!!

Any help will be appreciated.