Hi Everyone,
I'm new to openldap and was just wondering if OpenLDAP implements force change password policy?
Does it expire the password of the user after a specified number of days? Also can I specify a list of commonly used passwords so that users cannot use it?
Thanks Carlo
Carlo Camerino cmcamerino@gmail.com writes:
Hi Everyone,
I'm new to openldap and was just wondering if OpenLDAP implements force change password policy?
Does it expire the password of the user after a specified number of days? Also can I specify a list of commonly used passwords so that users cannot use it?
http://www.openldap.org/doc/admin24/overlays.html#Password Policies man slapo-ppolicy(5)
-Dieter
On Sunday 03 May 2009 01:16:20 Carlo Camerino wrote:
Hi Everyone,
I'm new to openldap and was just wondering if OpenLDAP implements force change password policy?
Please see 'man slapo-ppolicy'.
Does it expire the password of the user after a specified number of days?
It can. See above.
Also can I specify a list of commonly used passwords so that users cannot use it?
Not out-the-box, but there is a module that can be used as a 'pwdCheckModule' that can do this, see http://open.calivia.com/projects/openldap . (This is shipped in some Linux distributions). If compiled with cracklib support, it will check the cracklib dictionaries (not strictly a "list of commonly used passwords").
Regards, Buchan
openldap-software@openldap.org