[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: problem with security ppolicy



  
  Its solving problem with security policy.         Thank you.

  Please, update documentation for security policy in OpenLdap.

Now: 
 "This attribute controls the action taken when an account has had more consecutive failed bind attempts with invalid passwords than is defined by pwdMaxFailure."
But   pwdLockout : TRUE enables   other security blocks too, and this blocks don't work without it.



08.10.09, 11:21, "Clément OUDOT" <clem.oudot@gmail.com>:

> Le 7 octobre 2009 19:51, Evgeniy  a écrit :
> >
> > On releases up to 2.4.16  (2.3.x  too)  works  next config :
> >
> > overlay ppolicy
> > ppolicy_default "cn=CompanyAccountPolicy,ou=CompanyPolicies,dc=Company,dc=com"
> > ppolicy_hash_cleartext
> > ppolicy_use_lockout
> >
> >   On 2.4.18,  2.4.19  its don't  work.
> >
> >>>you have to apply a password policy to your  > entry, either by setting a default password policy in ppolicy overlay  > configuration
> >
> >  How I can do it ?
> The configuration looks correct. The pwdAccountLockedTime attribute
> should deactivate an entry in the directory. Be sure to have a TRUE
> value in pwdLockout attribute of
> cn=CompanyAccountPolicy,ou=CompanyPolicies,dc=Company,dc=com
> Clément.

-- 
---______________________________________________---
  С уважением, Евгений