[Date Prev][Date Next]
Re: ppolicy and Red Hat Linux
Joe Friedeggs schrieb:
> Debugging this issue has caused me a bit of confusion. In the LDAP logs, when logging into other equipment that 'binds as user', I see warnings, etc. returned:
> ppolicy_bind: Setting warning for password expiry for uid=test_user,ou=people,o=theorg,dc=example,dc=net = 1251 secds
> BUT, since the Linux LDAP client has a separate 'binddn', I don't see these warnings when the Linux LDAP client does the ldapsearch to validate the user. How does the policy work in this situation?
> Am I missing something here?
have a look at 'man pam_ldap':
> pam_lookup_policy <yes|no>
> Specifies whether to search the root DSE for password policy. The default is "no".
Did you set that to yes on your clients in /etc/ldap.conf or what ever
it is called on RHEL5?