2011/12/1 Fabian Heinz fabian.heinz@xinfo.de
Hi together,****
I want to setup password policy in a small company. ****
We’re using openldap for a while without any pw constraints. ****
Now I got ppolicy working and pw update fails correctly on the defined constraints.****
But I am not able to load the pwdCheckModule.****
I implemented some basic function which should always fail, just to see it is working. But it seems not be loaded.****
I compiled it as shared library with libtool and tried different locations with no result.****
I even cannot find any logging information about that. ****
Can you give some tips where to find the loggings or how to increase them. At the moment I configured slapd.conf to loglevel -1 ****
And can only find logging in the syslog ****
Here my policy ldif****
version: 1****
DN: cn=default,ou=policies,dc=company,dc=com****
objectClass: top****
objectClass: device****
objectClass: pwdPolicy****
objectClass: pwdPolicyChecker****
cn: default****
pwdAllowUserChange: TRUE****
pwdAttribute: userPassword****
pwdCheckModule: libcheck_password.so****
pwdCheckQuality: 1****
pwdExpireWarning: 432000****
pwdFailureCountInterval: 0****
pwdGraceAuthNLimit: 0****
pwdInHistory: 0****
pwdLockout: TRUE****
pwdLockoutDuration: 1920****
pwdMaxAge: 7516800****
pwdMaxFailure: 4****
pwdMinLength: 8****
pwdMustChange: TRUE****
pwdSafeModify: FALSE****
I tried to put the shared library to /usr/local/lib and /usr/lib/ldap****
Both had not effect.
Hi,
try to configure modulepath directive with the path containing your module. By default, modules are searched in OPENLDAP_ROOT/libexec/openldap/
Clément.