On 07/01/2012 14:16, Joe Friedeggs wrote:
Your initial mail does not show a 'ppolicy_default' in slapd.conf. I believe you need to create a default ppolicy entry in LDAP, and specify it in slapd.conf:
# Password Policy overlay ppolicy ppolicy_default "cn=default,ou=ppolicy,dc=local"
For testing purpose I want only to apply it to this particular user, that's why I didn't put a default policy in slapd.conf
Without the default, or if you want a user to use something other than default, you'll need to manually set the pwdPolicySubentry for the user. In you case:
dn: uid=lcaron_99,ou=People,dc=local changetype: modify replace: pwdPolicySubentry pwdPolicySubentry: cn=lcaron_99,ou=ppolicy,dc=local
From my 1st mail, I have the following:
" dn: cn=lcaron_99,ou=ppolicy,dc=local ... snip ... pwdMaxFailure: 3
dn: uid=lcaron_99,ou=People,dc=local ... snip ... pwdPolicySubentry: cn=lcaron_99,ou=ppolicy,dc=local "