OpenLDAP user credentials lifetime issue
by Alina Dubrovska
Hello,
I need to implement directory users' credentials lifetime functionality on
my OpenLDAP server (2.3.27). For each user lifetime can be set as "forever"
or "number of days between 1 and 365". After lifetime expires user must be
terminated (user entry still present in directory, but not able to
authenticate).
I have inspected slapo-ppolicy(5) overlay functionality, seems that:
"pwdMaxAge=<lifetime>" + "pwdGraceAuthnLimit=0"
would help, but then I need to setup separate policy for each user with
different lifetime (not acceptable).
I would like to ask if slapd(8) offers features (in addition to
slapo-ppolicy) to control the lifetime of directory users' credentials? Is
there a convenient way to implement such requirement?
Any suggestions are very appreciated!
Thanks in advance,
Alina.
14 years, 8 months
Porting to Sun Galaxy
by Girish Pal
Hi,
We are currently using slapd version 1.8.8.7 for our inhouse product based
on Sun Solaris 2.8.9 Sun Solaris sparc platform. We need to migrate our
slapd to the newly ported system based on Sun Galaxy, Solaris version 10.
Kindly suggest which version we should use for our requirements.
--
Regards,
Girish
14 years, 8 months
slappasswd question
by Greg Martin
I have slapd configured with password-hash {SSHA}. I'm uusing
slappasswd to generate passwords and notice that if I run it twice with
the same secret that I get different results. I guess I don't
understand this, but how does slapd verify a password if each time I
generate it I get something different?
Confused!
\\Greg
$OpenLDAP: slapd 2.3.27 (Oct 13 2006 09:16:43)
14 years, 8 months
