[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Password policy questions

On Friday 06 June 2008 14:41:42 Vincent Panel wrote:
> Hi list,
> I'd like to do something rather simple (at least to me) with password
> policy : * Ensure the userPassword is 6 characters long at least
> * Ensure there's at least onenumber
> * Ensure there's at least one uppercase character
> I found out my first condition can be set by using the pwdMinLength
> attribute and the ppolicy overlay, but what should I do for the other
> two ? If it implies using pwdCheckModule and writing a C function and
> plugging it into openldap then I find it  rather difficult for an ldap
> administrator just wanting to enforce policies...


> Is there any plan to make things easier, like having openldap
> providing 2 or 3 default C functions for this module ?

IMHO it would be worthwhile providing some modules by default.

> Finally, why is it taking so long for the IETF to approve the ppolicy
> draft published in 2001 ? Has the effort been abandonned ?

AFAIK there is a new draft ...