[Date Prev][Date Next]
Re: ppolicy by group
Jeroen van Aart wrote:
Howard Chu wrote:
Read the manpage yourself, it's all explained there already.
Thanks for the advice. I did that already and upon closer re-reading
indeed it answers some of my questions:
This attribute refers directly to the pwdPolicy subentry that is to be
used for this particular directory user. If pwdPolicySubentry exists, it
must contain the DN of a valid pwdPolicy object. If it does not exist,
the ppolicy module will enforce the default password policy rules on the
user associated with this authenticating DN. If there is no default, or
the referenced subentry does not exist, then no policy rules will be
However I have been unable to verify that if I reconfigure slapd to use
ppolicy then its current functionality will not be influenced? I assume
that is the case given the above quote. But it'd be nice to have it
If you don't have a default ppolicy defined and no pwdPolicySubentry
then slapd will perform as it is currently configured.
OpenLDAP Engineering Team.
Community developed LDAP software.