hello
I try to test the new feature the new version openldap (openldap-2.3.36)
cd /alcatel/PR/ tar xvzf openldap-2.3.36.tgz cd /alcatel/PR/openldap-2.3.36 ./configure --prefix=/opt/ldap/OpenLDAP --with-cyrus-sasl --with-tls --enable-backends --enable-overlays make depend make make install
i create slapd.cond --------------- vi slapd.conf
include /opt/ldap/OpenLDAP/etc/openldap/schema/core.schema include /opt/ldap/OpenLDAP/etc/openldap/schema/ppolicy.schema include /opt/ldap/OpenLDAP/etc/openldap/schema/cosine.schema
include /opt/ldap/OpenLDAP/etc/openldap/schema/inetorgperson.schema overlay ppolicy ppolicy_default "cn=StandardPolicy,ou=Policies,dc=alcatel,dc=com" ppolicy_use_lockout
pidfile /alcatel/openldapTest/slapd.pid argsfile /alcatel/openldapTest/slapd.args database bdb suffix "dc=alcatel,dc=com" rootdn "cn=Admin,dc=alcatel,dc=com" directory /alcatel/openldapTest/data by self write by anonymous auth by * none
access to * by self write by anonymous auth by * read
i create defaultpolicy ------------------ dn: ou=Policies,dc=alcatel,dc=com objectClass: top objectClass: organizationalUnit ou: Policies structuralObjectClass: organizationalUnit
dn: cn=StandardPolicy,ou=Policies,dc=alcatel,dc=com objectClass: top objectClass: device objectClass: pwdPolicy cn: StandardPolicy pwdAttribute: userPassword pwdLockoutDuration: 120 pwdInHistory: 5 pwdCheckQuality: 2 pwdExpireWarning: 86400 pwdMaxAge: 864000 pwdMinLength: 5 pwdGraceAuthNLimit: 5 pwdAllowUserChange: TRUE pwdMustChange: FALSE pwdMaxFailure: 3 pwdFailureCountInterval: 120 pwdSafeModify: FALSE structuralObjectClass: device
i create user ------------
dn:cn=prtest,dc=alcatel,dc=com sn: prtest userpassword: prtest objectClass: person pwdPolicySubentry: cn=StandardPolicy cn: prtest
i thinl all are ok for the policies features but
and i run server ldap --------------
and i want to change password with a bad policy password
ldappasswd -h 192.200.244.87 -p 389 -x -D cn=prtest,dc=alcatel,dc=com -w prtest -s titi -e ppolicy
i have Result: Success (0) as answer i dont arive to see the policyies error with client ldap
could you help me
regards