robert.brooks(a)reporo.com wrote:
Full_Name: Robert Brooks
Version: openldap-2.4.41
OS: Ubuntu 14.04
URL:
ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (38.99.38.134)
Hi,
with ppolicy overlay loaded (and functioning) the following root DSE is:
I believe this is why the following pam_ldap config:
# Search the root DSE for the password policy (works
# with Netscape Directory Server)
pam_lookup_policy yes
does not make pam_ldap to interact with password policies against when
configured in openldap.
No. That controls compatibility with the obsolete/non-standard
Netscape-specific password policy attributes.
But pam_ldap itself is also obsolete. Pretty sure Ubuntu ships with nslcd and
nss-pam-ldapd now.
--
-- Howard Chu
CTO, Symas Corp.
http://www.symas.com
Director, Highland Sun
http://highlandsun.com/hyc/
Chief Architect, OpenLDAP
http://www.openldap.org/project/