Hello,
I think that the pwdAttribute needs an OID value (specified by the syntax) so you would must use the OID of the userPassword attribute which is 2.5.4.35
mailing lists wrote:
Hello,
I think that the pwdAttribute needs an OID value (specified by the syntax) so you would must use the OID of the userPassword attribute which is 2.5.4.35
This is true if you don't have the ppolicy module loaded. When the module is loaded, it installs a custom syntax handler for the pwdAttribute attribute that will recognize textual attribute names as well as OIDs. If you don't have the module loaded, you have done something wrong.
On 9/14/10 8:40 AM, mailing lists wrote:
Hello,
I think that the pwdAttribute needs an OID value (specified by the syntax) so you would must use the OID of the userPassword attribute which is 2.5.4.35
I thought that would be a possibility for the failure Kiran and Julien are facing, (please guys, can you give it a try ?), but IMO, there is no reason why we would not be allowed to use 'userPassword' in this context.
Using the OID instead of the alias name does not carry any extra information, as soon as the alias is valid accordingly to the schema (whatever it represents, be it an AT, OC, MR, or any of the other kind of schema objects). The syntax should just check that the alias is syntaxically correct. It's up to the ppolicy overlay to check that the value is a valid AT.
Plus the error message is really misleading if this is the cause for the error.
openldap-technical@openldap.org
-
Emmanuel Lecharny -
Howard Chu -
mailing lists