[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: How to enable 'pwdPolicySubentry' in ppolicy.schema

Alexey Shalin wrote:

How to enable  'pwdPolicySubentry' in ppolicy.schema, I added this into

Never modify the schema files distributed with OpenLDAP.

attributetype (

       NAME 'pwdPolicySubentry'

       DESC 'The pwdPolicy subentry in effect for this object'

       EQUALITY distinguishedNameMatch



       USAGE directoryOperation )

But after that my slapd do not started.

Of course.

Schema files are only for defining user attributes. Operational attributes must be implemented in code and cannot be defined from a schema config file.

This particular attribute is already implemented in the ppolicy overlay so there is no need to define it again anyway.

should I upgrade openldap to the last ver ?

That would make no difference here, but it's always best to stay up to date.

  -- Howard Chu
  CTO, Symas Corp.           http://www.symas.com
  Director, Highland Sun     http://highlandsun.com/hyc/
  Chief Architect, OpenLDAP  http://www.openldap.org/project/