Setup: OpenLDAP 2.4 SUSE SLES11, chaining (read only) to an AD directory
I've set up a simple default pwd policy and configured it in slapd.conf:
- Included the schema /etc/openldap/schema/ppolicy.schema
- Under my db configuration added the entries
overlay ppolicy
ppolicy_default "cn=default,ou=pwpolicies,dc=niwa,dc=local"
- The policy is simply:
dn: cn=default,ou=pwpolicies,dc=example,dc=com
cn: default
…..
pwdMinLength: 8
pwdAllowUserChange: TRUE
But when I run tests with too short a password the password still gets changed. No error messages.
One thing I am confused about is that the documentation says to include the moduleload directive in slapd.con but I can't find any modules, the directory where they are supposed to be is empty. slapd –VVV indicates that it includes the static overlay.
Any help is highly appreciated, I am quite a newby at this.
Gaby
--
Dr Gabriella Turek
Sr. Software Engineer, Systems Development Team
NIWA Auckland, New Zealand
Tel: +64 9 3754645
www.niwa.co.nz
NIWA - Enhancing the benefit of New Zealand’s natural resources.