[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Ppolicy issues

Bryan Payne skrev, on 20-02-2008 16:10:

Thank you for your help. I added the pwdPolicySubentry to a user to no avail. I did find this in the logfile though:

Feb 20 09:01:13 ldapserver slapd[6709]: conn=95289 op=4 SEARCH RESULT tag=101 err=50 nentries=0 text=Operations are restricted to bind/unbind/abandon/StartTLS/modify password

So it looks like it's trying to do something but cannot. While I'm concerned about password strength, I'm more concerned (at this point) with just having the machine prompt for a password change. I'm running centos 4.6 and openldap 2.3.39. I compiled it with the following:

./configure --enable-crypt --enable-ppolicy --with-tls --prefix=/opt/openldap/

Once again, thanks for any help.

I'd strongly advise you to chuck out your self-built 2.3.39 and install the rpms at http://staff.telkomsa.net/packages/rhel4/openldap/$basearch. You need both libldap and openldap.

Shouldn't be difficult if you install to /opt (you an old Solaris person? Or other SYSV?) These will install to LFH locations; however, being rpms you can always chuck them off again if they don't please (which they will ;) ).

Then take it again from the beginning. These are Buchan Milne's rpms and have their own discrete, patched db4 4.2.52 which will not conflict with the db4 4.2.52 which you have from CentOS. Moreover everything including sonames is named differently from Red Hat's, so it all takes a bit of getting used to. But when you have, you'll never look back.



Tony Earnshaw
Email: tonni at hetnet dot nl