|
Noâ itâs usage of âgroupsâ doesnât imply the functional groups but rather a collection of âxâ users. However, http://www.openldap.org/doc/admin24/overlays.html section 12.10.2 states: â2. Default password policy - If there is no specific pwdPolicySubentry set for an object, and the password policy module was configured with the DN of a default
policy object and if that object exists, then the policy defined in that object is applied.â It includes a link to symas blog â (dead link really, but search for ppolicy loads a page that includes: ppolicy_default "cn=default,ou=Policies,dc=symas,dc=com" You can also try googling for âopenldap ppolicy defaultâ. - chris From: openldap-technical-bounces@OpenLDAP.org [mailto:openldap-technical-bounces@OpenLDAP.org]
On Behalf Of Rodrigo Coutinho The slapo-ppolicy states that "...Different groups of users may be associated with different password policies, and there is no limit ..." Don't those "groups" mentioned, refer to groups of ldap users cn=xxx,ou=groups,... ? De: ClÃment OUDOT [mailto:clem.oudot@gmail.com]
2014-02-25 17:10 GMT+01:00 Rodrigo Coutinho <Rodrigo.Coutinho@ifap.pt>: Hi again, I've finally managed to setup the password policy, but only statically (ran configure again). Have defined two password policies, one for all (default) and another for a specific group of users. The question now is: Can I assign a password policy to a group of users (cn=some_group,ou=groups,dc=xxx,dc=local)in one go, or must I assign to each user individualy the pwdPolicySubentry? I have searched, and although slapo states that it can be done, no example is provided. You need to assign to each user. ClÃment. A transmissÃo de mensagens por e-mail nÃo à absolutamente segura ou livre de erros. A mensagem pode ser intercetada, alterada, perdida, destruÃda, chegar ao destinatÃrio com atraso, ou mesmo com vÃrus, nÃo obstante o IFAP utilizar software
anti-vÃrus. This message is private and confidential. If you have received it in error, please notify the sender and remove it from your system. |