2011/9/27 Lukas Grässlin lukas.graesslin@collax.com:
Hi there,
I wrote a new pwcheck module for the slapo-ppolicy overlay which is able to handle multiple different policies.
My problem was:
I have multiple password policies which are applied to different users. The policies differ in strength etc. The problem was that with the only pwcheck modul you can find on the net (https://ltb-project.org/svn/openldap-ppolicy-check-password/trunk/) you just define one 'policy-thing' which will be checked if check-password.so is run.
I wanted to have something were you also can define multiple policies which also can differ, so I wrote my own module which reads two config files:
$CONFDIR/ppolicies: There are the policies defined. Example:
[Default] min_len = 8 min_digit = 1 min_lower = 1 min_special = 1 min_upper = 1
$CONFDIR/users: These file holds the relation between users and policies:
uid=lukas,ou=People,dc=example,dc=com : Default
Well, it would have been nicer if that policy definition & co would also be stored in ldap, but the config-file-way was the faster one as it had to be finished quick.
Whatever, maybe some of you could need this or improve it:
http://dl.dropbox.com/u/32193848/pwcheck.tar.bz2
You have to build it within ldap (like the old one). So put it there: $ldapsrcdir/contrib/slapd-modules
Hello Lukas,
nice improvement. I saw you rewrite all the thing, was there no possibility to patch the LTB module? I would be happy if you contribute it on the LDAP Tool Box project.
Clément.