7:30 a.m.
Hi,
I am using ppolicy overlay control password policy. Now I would like
to define 3 different policies as policyDN.
In slapd.conf one can only define a defaultDN, how can a policyDN
declared in an entry? Or is editing the operational attribute
pwdPolicySubentray with relax control the only way?
-Dieter
--
Dieter Klünter | Systemberatung
http://www.dkluenter.de
GPG Key ID:8EF7B6C6
7:44 a.m.
On Wed, Jul 11, 2007 at 04:30:00PM +0200, Dieter Kluenter wrote:
Hi,
I am using ppolicy overlay control password policy. Now I would like
to define 3 different policies as policyDN.
In slapd.conf one can only define a defaultDN, how can a policyDN
declared in an entry? Or is editing the operational attribute
pwdPolicySubentray with relax control the only way?
You just set pwdPolicySubentry of the entry to the DN of the policy you
want to enforce for that particular entry. What do you mean by "relax
control"?
9:10 a.m.
Andreas Hasenack <ahasenack(a)terra.com.br> writes:
On Wed, Jul 11, 2007 at 04:30:00PM +0200, Dieter Kluenter wrote:
> Hi,
> I am using ppolicy overlay control password policy. Now I would like
> to define 3 different policies as policyDN.
> In slapd.conf one can only define a defaultDN, how can a policyDN
> declared in an entry? Or is editing the operational attribute
> pwdPolicySubentray with relax control the only way?
You just set pwdPolicySubentry of the entry to the DN of the policy you
want to enforce for that particular entry. What do you mean by "relax
control"?
The attribute is a operational attribute with NO-USER-Modification,
( 1.3.6.1.4.1.42.2.27.8.1.23
NAME 'pwdPolicySubentry'
DESC 'The pwdPolicy subentry in effect for
this object'
EQUALITY distinguishedNameMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.12
SINGLE-VALUE
NO-USER-MODIFICATION
USAGE directoryOperation)
for relax see draft-zeilenga-ldap-relax.txt
Relax in fact replaces manageDIT control.
-Dieter
--
Dieter Klünter | Systemberatung
http://www.dkluenter.de
GPG Key ID:8EF7B6C6
9:30 a.m.
On 7/11/07, Dieter Kluenter <dieter(a)dkluenter.de> wrote:
Hi,
I am using ppolicy overlay control password policy. Now I would like
to define 3 different policies as policyDN.
In slapd.conf one can only define a defaultDN, how can a policyDN
declared in an entry? Or is editing the operational attribute
pwdPolicySubentray with relax control the only way?
We edited the pwdPolicySubentry attribute of each user entry.
5474
days inactive
5474
days old
openldap-software@openldap.org
3 comments
3 participants
participants (3)
-
Andreas Hasenack -
Dieter Kluenter -
Sam Tran