[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Password policy

On Mon, Nov 19, 2012 at 10:14 AM, jeevan kc <jeev_biz@hotmail.com> wrote:
> Hello
> I want to enable password policy on Openldap 2.4.30(to all users. I see that
> the ppolicy.ldif and ppolicy.schema are listed under
> /usr/local/etc/openldap/schema but are not present on
> /usr/local/etc/openldap/slapd.d/cn=config folder. So do I need to add the
> policy.ldif to the cn=config folder ? Is there like specific procedure to do
> that or can I add manually with ldapadd ? Also how do I enable that schema
> to all users ? Please help.
> Jeevan

If you have the policy as a diff, you could add it by saying

ldapadd -Y EXTERNAL -H ldapi:/// -f /path/to/ppolicy.ldif

Then you need to ldapmodify each user, adding something like

objectClass: pwdPolicy

to each of them.

This is off the top of my head, so do verify before doing exciting
thingies to your server. ;)