openldap-software January 2007

openldap-software@openldap.org

98 participants
123 discussions

OpenLDAP user credentials lifetime issue
by Alina Dubrovska 03 Jan '07

03 Jan '07

Hello, I need to implement directory users' credentials lifetime functionality on my OpenLDAP server (2.3.27). For each user lifetime can be set as "forever" or "number of days between 1 and 365". After lifetime expires user must be terminated (user entry still present in directory, but not able to authenticate). I have inspected slapo-ppolicy(5) overlay functionality, seems that: "pwdMaxAge=<lifetime>" + "pwdGraceAuthnLimit=0" would help, but then I need to setup separate policy for each user with different lifetime (not acceptable). I would like to ask if slapd(8) offers features (in addition to slapo-ppolicy) to control the lifetime of directory users' credentials? Is there a convenient way to implement such requirement? Any suggestions are very appreciated! Thanks in advance, Alina.

3 3

Porting to Sun Galaxy
by Girish Pal 02 Jan '07

02 Jan '07

Hi, We are currently using slapd version 1.8.8.7 for our inhouse product based on Sun Solaris 2.8.9 Sun Solaris sparc platform. We need to migrate our slapd to the newly ported system based on Sun Galaxy, Solaris version 10. Kindly suggest which version we should use for our requirements. -- Regards, Girish

4 5

slappasswd question
by Greg Martin 01 Jan '07

01 Jan '07

I have slapd configured with password-hash {SSHA}. I'm uusing slappasswd to generate passwords and notice that if I run it twice with the same secret that I get different results. I guess I don't understand this, but how does slapd verify a password if each time I generate it I get something different? Confused! \\Greg $OpenLDAP: slapd 2.3.27 (Oct 13 2006 09:16:43)

3 4

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

openldap-software January 2007