[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ppolicy by group

Jeroen van Aart wrote:
Gavin Henry wrote:
man slapo-ppolicy:

"Every account that should be subject to password policy control should
have a pwdPolicySubentry attribute containing the DN of a valid
pwdPolicy entry, or they can simply use the configured default. In this
way different users may be managed according to different policies."

Is it safe to conclude from that that if there is no default policy configured then unless an account has a pwdPolicySubentry containing the DN of a valid pwdPolicy entry it will not be subject to password policy?

Read the manpage yourself, it's all explained there already.

  -- Howard Chu
  CTO, Symas Corp.           http://www.symas.com
  Director, Highland Sun     http://highlandsun.com/hyc/
  Chief Architect, OpenLDAP  http://www.openldap.org/project/