[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Password Policy
- To: "Darouichi, Aziz" <adarouic@post03.curry.edu>
- Subject: Re: Password Policy
- From: Clément OUDOT <clem.oudot@gmail.com>
- Date: Fri, 17 Jun 2011 23:07:59 +0200
- Cc: openldap-technical@openldap.org
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type :content-transfer-encoding; bh=9CX18LMJm3sN/HT/bZpEzgCr/yhCJ3TbPKVOa7mPrTw=; b=OYOzaSYmuZevyEa/i5F5odZo4EeuNSFEBQ4icMrZ4Btlgw74aZUhq27tbNrhs3Xqki e4Z06v+32xXEdHSMEtzxq1pDNPaZiR3BRXNr6qZe343Zws5c8QdIBQBiUPJwsGjqKUnV Ml0HVhgUkqZbPGUQvDkg/BMJpXwkF2GuXeBp0=
- Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:content-transfer-encoding; b=ES8Xiem5xp0ZEXa8WUL7uCqhL5EVle092DiE8vGXSVBCrSpFHmAqDjMZYK95u3zxlM 826KNYpcmHvDWpMjZkNXXS0fOMOH7S/eHmpQkZeBLyg4GF5uhiC6XecNs6zgRoLUGHtV bskktfbzvcitBYLh+HCYsyB5DR62SzqTg/soY=
- In-reply-to: <2398337E30371A47B556742B49C7805B3F67CEAEF1@EXCCRMBX01.Currynet.local>
- References: <2398337E30371A47B556742B49C7805B3F67CEAEF1@EXCCRMBX01.Currynet.local>
2011/6/16 Darouichi, Aziz <adarouic@post03.curry.edu>:
> Hi,
>
>
> I am trying to institute a password policy in openldap-2.4.23. I would like
> to hash userPassword: I used “ppolicy_hash_cleartext”
>
> This is the policy file:
>
> dn: ou=policies,dc=establishment,dc=edu
> objectClass: top
> objectClass: organizationalUnit
> ou: policies
>
> dn: cn=default,ou=policies,dc=establishment,dc=edu
> cn: default
> objectClass: pwdPolicy
> objectClass: person
> objectClass: top
> pwdAllowUserChange: TRUE
> pwdAttribute: 2.5.4.35
> ppolicy_hash_cleartext
> pwdCheckQuality: 2
> pwdExpireWarning: 600
> pwdFailureCountInterval: 30
> pwdGraceAuthNLimit: 5
> pwdInHistory: 5
>
>
> Password still shows up in clear txt.
>
You may need to configure the "password-hash" parameter in slapd.conf
or cn=config.
Clément.