Hi,
Can we use ppolicy with another attribut than userPassword, userCertificate by example ?
Regards,
On Wednesday, 6 June 2007, Raphaël 'SurcouF' Bordet wrote:
Hi,
Can we use ppolicy with another attribut than userPassword, userCertificate by example ?
That wouldn't make sense, as: -certificates have expiry times -if you want to prevent use of the certificate before the expiry time, revoke it (and ensure the updated CRL is available whereever you need it) -you can -you can't change a certificate via exop (and they key should never cross the wire anyway)
Or, are you really looking for a PKI that can store data in LDAP?
Raphael,
Reading the man of PPOLICY, you can use the attributes from pwdPolicy object class to defines policies about userPassword attribute.
But userCertificate, I never see someone using this.
Cheers.
On 6/6/07, Raphaël 'SurcouF' Bordet surcouf@debianfr.net wrote:
Hi,
Can we use ppolicy with another attribut than userPassword, userCertificate by example ?
Regards,
-- Raphaël 'SurcouF' Bordet
Raphaël 'SurcouF' Bordet wrote:
Hi,
Can we use ppolicy with another attribut than userPassword, userCertificate by example ?
Using userCertificate would make no sense. Currently the ppolicy code only works with the userPassword attribute.
openldap-software@openldap.org
-
Buchan Milne -
Gabriel Stein -
Howard Chu -
Raphaël 'SurcouF' Bordet