Márcio Luciano Donada wrote:
Michael Ströder escreveu:
The first question is whether you need password policy enabled. If yes, then see man page slapo-ppolicy(5). If no, then turn it off in the LDAP client in question (which one?). If that's pam_ldap then watch out the configuration in the accompanying ldap.conf file.
Error on adding default policie in the ldap database:
Did you actually read the man page I mentioned above?
# ldap:/etc/ldap# slapadd -l /tmp/polici.txt The first database does not allow slapadd; using the first available one (2)
Well, you should rather use ldapadd for adding single entries into an existing tree.
str2entry: invalid value for attributeType objectClass #0 (syntax 1.3.6.1.4.1.1466.115.121.1.38) slapadd: could not parse entry (line=1)
ldap:/etc/ldap# cat /tmp/polici.txt dn: cn=default,ou=Policies,dc=xxxx,dc=com,dc=br cn: default objectClass: pwdPolicy objectClass: person objectClass: top
I guess you did not enable slapo policy in your slapd configuration. Please read the man page I referenced carefully.
Ciao, Michael.