I was able to add the new policy but I'm having trouble applying it to an existing user. Here's the .ldif file I'm using and the error I'm getting.
# ldapmodify -D "cn=Manager,dc=XXX,dc=test" -W -x -f /tmp/apply.ldif
Enter LDAP Password:
modifying entry "cn=bwayne,ou=users,dc=XXX,dc=test"
ldap_modify: Undefined attribute type (17)
        additional info: pwdPolicySubentry: attribute type undefined
dn: cn=bwayne,ou=users,dc=XXX,dc=test
changetype: modify
add: pwdPolicySubentry
pwdPolicySubentry: cn=default,ou=policies,dc=XXX,dc=test
On 9/16/13 11:42 PM, "Philip Bubel" philip@bubel.com wrote:
Just tried it using "pwdAttribute: 2.5.4.35". I must have tried it with a different OID.
Thanks everybody, will test more in the morning.
-----Original Message-----
From: Quanah Gibson-Mount [mailto:quanah@zimbra.com]
Sent: Monday, September 16, 2013 7:23 PM
To: Michael Ströder; openldap-technical@openldap.org; Philip Bubel
Subject: Re: invalid syntax (21) error while importing password password policy
--On Tuesday, September 17, 2013 12:33 AM +0200 Michael Ströder michael@stroeder.com wrote:
On Mon, 16 Sep 2013 20:44:24 +0000 Philip Bubel philip@bubel.com wrote
ldap_add: Invalid syntax (21)
        additional info: pwdAttribute: value #0 invalid per syntax
[..]
pwdAttribute: userPassword
Should be this:
pwdAttribute: 2.5.4.35
Support for using "userPassword" as well as the OID was added back in OpenLDAP 2.3. It *should* work with either one. As my test run with test022 did.
--Quanah
--
Quanah Gibson-Mount Lead Engineer Zimbra Software, LLC
Zimbra :: the leader in open source messaging and collaboration