[Date Prev][Date Next]
Re: multiple password policies?
On Tuesday 04 December 2007 01:35:57 R.B. wrote:
> After reading some ppolicy HOWTOs, I've seen the following line in the
> slapd.conf file to assign a default password policy to users.
> slapd.conf file contains:
> `ppolicy_default "cn=default,ou=policies,dc=example,dc=com"`
> So I imagine this is used as the default policy for all users since
> it's defined globally.
> If I have several OUs that define users, groups, etc… how would I
> implement a password policy per user/group?
> For my setup, I would conceivably have:
> ...and so on as I need policies in my directory.
> How can I apply these per group or user? Would I add a field to my
> posix[User|Group] schema?
Per-user, by setting the pwdPolicySubentry attribute on the entry for the
user, as documented in slapo-ppolicy(5).