Hi together,

I want to setup password policy in a small company.

We’re using openldap for a while without any pw constraints.

Now I got ppolicy working and pw update fails correctly on the defined constraints.

But I am not able to load the pwdCheckModule.

I implemented some basic function which should always fail, just to see it is working. But it seems not be loaded.

I compiled it as shared library with libtool and tried different locations with no result.

I even cannot find any logging information about that.

Can you give some tips where to find the loggings or how to increase them. At the moment I configured slapd.conf to loglevel  -1

And can only find logging in the syslog

Here my policy ldif

version: 1

DN: cn=default,ou=policies,dc=company,dc=com

objectClass: top

objectClass: device

objectClass: pwdPolicy

objectClass: pwdPolicyChecker

cn: default

pwdAllowUserChange: TRUE

pwdAttribute: userPassword

pwdCheckModule: libcheck_password.so

pwdCheckQuality: 1

pwdExpireWarning: 432000

pwdFailureCountInterval: 0

pwdGraceAuthNLimit: 0

pwdInHistory: 0

pwdLockout: TRUE

pwdLockoutDuration: 1920

pwdMaxAge: 7516800

pwdMaxFailure: 4

pwdMinLength: 8

pwdMustChange: TRUE

pwdSafeModify: FALSE

I tried to put the shared library to /usr/local/lib and /usr/lib/ldap

Both had not effect.

Thanks and greetings

fabs