17 Jun
2011
17 Jun
'11
2:07 p.m.
2011/6/16 Darouichi, Aziz adarouic@post03.curry.edu:
Hi,
I am trying to institute a password policy in openldap-2.4.23. I would like to hash userPassword: I used “ppolicy_hash_cleartext”
This is the policy file:
dn: ou=policies,dc=establishment,dc=edu objectClass: top objectClass: organizationalUnit ou: policies
dn: cn=default,ou=policies,dc=establishment,dc=edu cn: default objectClass: pwdPolicy objectClass: person objectClass: top pwdAllowUserChange: TRUE pwdAttribute: 2.5.4.35 ppolicy_hash_cleartext pwdCheckQuality: 2 pwdExpireWarning: 600 pwdFailureCountInterval: 30 pwdGraceAuthNLimit: 5 pwdInHistory: 5
Password still shows up in clear txt.
You may need to configure the "password-hash" parameter in slapd.conf or cn=config.
Clément.