[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
can't get ppolicy to work
Hi all,
I have problem getting ppolicy working..
I use 2.3.38 version(bichan rpms), and this is a part of my slapd.conf :
----------------------------------------------------------
...
include /usr/share/openldap2.3/schema/ppolicy.schema
moduleload ppolicy.la
moduleload syncprov.la
moduleload unique.la
moduleload accesslog.la
moduleload auditlog.la
#
security ssf=1 update_ssf=112 simple_bind=64
#
database bdb
suffix "dc=exemple,dc=com"
rootdn "cn=admin,ou=system,dc=exemple,dc=com"
rootpw {SSHA}hashedpassword
directory /usr/local/ldap
mode 0600
overlay syncprov
syncprov-checkpoint 100 10
syncprov-sessionlog 100
##ppolicy
ppolicy_default "cn=default,ou=policies,ou=system,dc=exemple,dc=com"
ppolicy_hash_cleartext
ppolicy_use_lockout
--------------------------------------------------------------------------------------
This is the ldiff file that I used to add the default policy:
dn: cn=default,ou=policies,ou=system,dc=exemple,dc=com
objectClass: top
objectClass: pwdPolicy
objectClass: organizationalRole
cn: default
pwdAttribute: 2.5.4.35
pwdInHistory: 3
pwdCheckQuality: 2
pwdMinage: 60
pwdMaxAge: 0
pwdMinLength: 6
pwdLockout: TRUE
pwdMaxFailure: 3
pwdLockoutDuration: 60
pwdAllowUserChange: TRUE
pwdSafeModify: TRUE
pwdMustChange: TRUE
###
I didn't see any errors in slapd log file nor when I add this entry!
But When I change new users password (after ppolicy installation and as
users (not rootdn), there is no password policy applied:
I changed pwdCheckQuality from 1 to 2, but the results is the same!!
Any help will be appreciated.
Wadi..