[Date Prev][Date Next] [Chronological] [Thread] [Top]

PPolicy Questions


I hope this is the place to send such questions.  I'm having problems
getting started with ppolicy.

I am trying to specify a specific ppolicy entry for users without
using the slapd.conf default policy.  Our OpenLDAP deployment
environment in Red Hat uses version 2.3.33.

>From what I have read (elsewhere since the manual is missing the
ppolicy config info), I must first add a new policy of objectclass
'pwdPolicy" in the policy list.  I have done that without problem.  I
must then indicate for the users that use that policy, the DN of the
new policy in the field 'pwdPolicySubentry'.

My problem at this point is that I see no objectclass that contains
this field.  In reading the ppolicy.schema file I see that the type
'pwdPolicySubentry' is described there, but commented out.  The odd
thing though, is that even though it is commented out, I can see the
type in my LDAP browser when I look for a list of types, and I see no
description of it in the other .schema files.

I did read on someone's site that the user entry should be an
objectclass of 'pwdPolicy' and then the 'pwdPolicySubentry' field can
be entered, but in the ppolicy.schema document, 'pwdPolicySubentry' is
not described in the list of fields for objectclass 'pwdPolicy'.

Do I have to edit the ppolicy.schema to get the overlay to work this
way?  I'm new to LDAP so perhaps I'm not understanding something

Any help or suggestions would be very helpful.

-Todd Merrill