Hello,
Despite my search I can't find a good solution to my issue.
I
would like to implement passord policy inside my LDAP server. So I will
use the password policy overlay. The policy applyed to the user is
located on the pwdPolicySubentry attribute of the user entry.
I
would like to configure the password expiration warning on my policy. I
would also that this warning will be displayed on my linux based
server.
Due to the deprecation of pam_ldap
module on recent system, I'm using SSSD. Despite my search, SSSD is only
able to fetch the password expiration attribut inside the shadowAccount
objectClass (so on the user entry).
To be able to
define my policy once, I have to show and rename the ppolicy objectClass
attribut referenced by the pwdPolicySubentry dn inside the user entry.
with
the slapo-rwm I can map the attribute of the same leaf objectClass to
another name but I'm not able to follow the pwdPolicySubentry DN and map
the value of this object inside the posixAccount objectClass.