Just confirmed that policy.la is in the correct place. Here's what I have in slapd.conf
modulepath /usr/lib64/openldap moduleload ppolicy.la
[csadmin@XXX openldap]$ ls -la | grep pp lrwxrwxrwx 1 root root 20 Aug 22 16:06 ppolicy-2.4.so.2 -> ppolicy-2.4.so.2.5.6 -rwxr-xr-x 1 root root 39824 Apr 29 03:50 ppolicy-2.4.so.2.5.6 -rwxr-xr-x 1 root root 936 Apr 29 03:49 ppolicy.la
Anything else I can check?
Thanks for all your help.
On 9/17/13 1:22 AM, "Quanah Gibson-Mount" quanah@zimbra.com wrote:
--On Tuesday, September 17, 2013 4:08 AM +0000 Philip Bubel philip@bubel.com wrote:
I was able to add the new policy but I'm having trouble applying it to an existing user. Here's the .ldif file I"m using and the error I"m getting.
# ldapmodify -D "cn=Manager,dc=XXX,dc=test" -W -x -f /tmp/apply.ldif Enter LDAP Password: modifying entry "cn=bwayne,ou=users,dc=XXX,dc=test" ldap_modify: Undefined attribute type (17) additional info: pwdPolicySubentry: attribute type undefined
This indicates that the ppolicy overlay is not loaded. So did the fact that you couldn't use "userPassword" earlier, which I noted then. Switching to the OID simply let you bypass the fact that the ppolicy overlay wasn't loaded. So now you have two errors that indicate that slapd has not loaded the ppolicy overlay. I would advise you, again, to figure out why ppolicy isn't loading. First by answering the question I asked you earlier -- Does the ppolicy.la file even exist in the modulepath you specified?
--Quanah
--
Quanah Gibson-Mount Lead Engineer Zimbra Software, LLC
Zimbra :: the leader in open source messaging and collaboration