My slapd.conf file is as follow # Load dynamic backend modules: modulepath /usr/local/libexec/openldap moduleload ppolicy.la # moduleload /usr/local/libexec/openldap/ppolicy.so # modulepath /usr/local/libexec/openldap # moduleload back_bdb.la # moduleload back_ldap.la # moduleload back_ldbm.la # moduleload back_passwd.la # moduleload back_shell.la and overlay ppolicy ppolicy_default "cn=default,ou=Policies,dc=rorotika,dc=com" ppolicy_use_lockout
When I start slapd in debug with d 255, I get the following "error"?
ine 21 (loglevel 4) line 22 (pidfile /usr/local/var/run/slapd.pid) line 23 (argsfile /usr/local/var/run/slapd.args) line 26 (modulepath /usr/local/libexec/openldap) line 27 (moduleload ppolicy.la) loaded module ppolicy.la module ppolicy.la: null module registered line 65 (access to dn.base="" by * read)
dnNormalize: <>
<<< dnNormalize: <> Backend ACL: access to dn.base="" by * read
The line that consern me is "module ppolicy.la: null module registered", is this a problem? The ppolicy does not seen to overlay... It seems that the Solaris 10 settings is still valid, for example
It seems that this policy is not activated, for example the pwdMinLength: is set to 3, but when the user changes his/her password, it seems that the Solaris policy takes over from the /etc/default/passwd file test5:/ $ ssh admin777@10.1.1.5 * * * * * * * * * * * * W A R N I N G * * * * * * * * * * * * * * THIS SYSTEM IS RESTRICTED TO AUTHORIZED USERS FOR AUTHORIZED USE ONLY. UNAUTHORIZED ACCESS IS STRICTLY PROHIBITED AND MAY BE PUNISHABLE UNDER THE COMPUTER FRAUD AND ABUSE ACT OR OTHER APPLICABLE LAWS. IF NOT AUTHORIZED TO ACCESS THIS SYSTEM, DISCONNECT NOW. BY CONTINUING, YOU CONSENT TO YOUR KEYSTROKES AND DATA CONTENT BEING MONITORED. ALL PERSONS ARE HEREBY NOTIFIED THAT THE USE OF THIS SYSTEM CONSTITUTES CONSENT TO MONITORING AND AUDITING. * * * * * * * * * * * * W A R N I N G * * * * * * * * * * * * * Password: Last login: Tue Jul 12 11:14:22 2011 from test5.example. Sun Microsystems Inc. SunOS 5.10 Generic January 2005 Sun Microsystems Inc. SunOS 5.10 Generic January 2005 Sourcing //.profile-EIS..... test5:/ $ id uid=5011(admin777) gid=1000(users) groups=1000(users) test5:/ $ passwd passwd: Changing password for admin777 Enter existing login password: New Password: passwd: Password too short - must be at least 8 characters.
Please try again New Password: test5:/ $ cat /etc/default/passwd
#ident @(#)passwd.dfl 1.7 04/04/22 SMI # # Copyright 2004 Sun Microsystems, Inc. All rights reserved. # Use is subject to license terms. # MAXWEEKS=13 MINWEEKS= PASSLENGTH=8
# NAMECHECK enables/disables login name checking.
Could someone point me in the right direction please?
openldap-technical@openldap.org