Hello all,
I'm trying to add a default password policy to my directory. I have set the following parameters in slapd.conf:
----
include /etc/ldap/schema/ppolicy.schema
[...]
moduleload ppolicy
[...]
backend hdb
database hdb
suffix "dc=example,dc=net"
[...]
# Password policy
overlay ppolicy
ppolicy_default "cn=defaultpwpolicy,ou=policies,dc=example,dc=net"
----
I have created the OU 'policies' just fine, but when I try to add a pwdPolicy object, I get the following error:
----
# ldapadd -x -D cn=admin,dc=example,dc=net -W << EOF
dn: cn=defaultpwpolicy,ou=policies,dc=example,dc=net
objectClass: pwdPolicy
objectClass: top
pwdAttribute: userPassword
pwdAllowUserChange: TRUE
pwdInHistory: 2
pwdMaxFailure: 10
pwdLockout: TRUE
pwdLockoutDuration: 1800
pwdMinLength: 6
EOF
Enter LDAP Password:
adding new entry "cn=defaultpwpolicy,ou=policies,dc=example,dc=net"
ldap_add: Invalid syntax (21)
        additional info: objectClass: value #0 invalid per syntax
----
The schema is properly loaded, and the ppolicy.so module is in the path (i.e., /usr/lib/ldap on Debian). So, I'm out of ideas. Anything I've missed here?
Thanks for your help,
Julien