[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ppolicy



Ralf Haferkamp wrote:
On Freitag, 11. April 2008, Rick Stevens wrote:
Howard Chu wrote:
Chris G. Sellers wrote:
Rick,

try

ldapsearch -{normal stuff here}  cn=<value>  '*' '+'

And then man ldapsearch and read the 'operational' section of the
manpage (near the top)

On Apr 10, 2008, at 6:35 AM, Gavin Henry wrote:
Rick Stevens wrote:
I've got a question regarding the ppolicy overlay.  I've read
the docs I
can find for it on the web, but there's a couple of holes in
them and in
my knowledge.
I've got the config set up (schema, module load, external check
library)
and such.  I've got the default policy DN in the database and
such. From slapd.conf:
overlay ppolicy
        ppolicy_default \
    "cn=DefaultPassword,ou=Policies,dc=billing,dc=com"
        ppolicy_use_lockout
        ppolicy_hash_cleartext
If the above extract from slapd.conf was quoted exactly, then it is
wrong. Read the slapd.conf(5) manpage.
The "ppolicy_default" stuff is on one line.  I reformatted it for my
mail client.
The indentation is the problem. The slapd.conf(5) manpage states this:

"If a line begins with white space, it is considered a continuation of the previous line."

All the ppolicy statements have to be on separate lines as they are separate config options.

Oh. The example code showed indentations, I believe. I'll reformat and give it a whirl.

I really do appreciate the help.  I'll keep the list posted.
----------------------------------------------------------------------
- Rick Stevens, Unix Geek                          rps2@socal.rr.com -
-                                                                    -
-    Working with Linux is like wrestling with a worthy opponent.    -
-   Working with Windows is like picking on an annoyed child with a  -
-                            loaded handgun.                         -
----------------------------------------------------------------------