Hi together,
I want to setup password policy in a small company.
Were using openldap for a while without any pw constraints.
Now I got ppolicy working and pw update fails correctly on the defined constraints.
But I am not able to load the pwdCheckModule.
I implemented some basic function which should always fail, just to see it is working. But it seems not be loaded.
I compiled it as shared library with libtool and tried different locations with no result.
I even cannot find any logging information about that.
Can you give some tips where to find the loggings or how to increase them. At the moment I configured slapd.conf to loglevel -1
And can only find logging in the syslog
Here my policy ldif
version: 1
DN: cn=default,ou=policies,dc=company,dc=com
objectClass: top
objectClass: device
objectClass: pwdPolicy
objectClass: pwdPolicyChecker
cn: default
pwdAllowUserChange: TRUE
pwdAttribute: userPassword
pwdCheckModule: libcheck_password.so
pwdCheckQuality: 1
pwdExpireWarning: 432000
pwdFailureCountInterval: 0
pwdGraceAuthNLimit: 0
pwdInHistory: 0
pwdLockout: TRUE
pwdLockoutDuration: 1920
pwdMaxAge: 7516800
pwdMaxFailure: 4
pwdMinLength: 8
pwdMustChange: TRUE
pwdSafeModify: FALSE
I tried to put the shared library to /usr/local/lib and /usr/lib/ldap
Both had not effect.
Thanks and greetings
fabs
Beschreibung: C:\Users\fabs\AppData\Roaming\Microsoft\Signatures\xinfo-Dateien\bgleft.png
Fabian Heinz
Tel.: +49-89-1891788-34 Mobile.: +49-176-36107036 Mail: mailto:fabian.heinz@xinfo.de fabian.heinz@xinfo.de
Beschreibung: C:\Users\fabs\AppData\Roaming\Microsoft\Signatures\xinfo-Dateien\bgbottom.pn g
X-info Wieland Sacher GmbH IT-Beratung · Dienstleistung · Entwicklung Automotive IT · Application Solutions · Communications
Am Stichgartl 6 | 85764 Oberschleißheim | Tel +49-89-31770785 | Fax +49-89-31770786 | http://www.xinfo.de www.xinfo.de
Geschäftsführung: Dipl. Phys. Wieland Sacher | Sitz der Gesellschaft:Oberschleißheim Amtsgericht München HRB 1088 49 | UST-Nr:143-828-10155 | UID-NR: DE170540430
http://www.app-solut.com/ Beschreibung: APP-SOLUT
Mobile Applications · Internet Applications · Customized Software
2011/12/1 Fabian Heinz fabian.heinz@xinfo.de
Hi together,****
I want to setup password policy in a small company. ****
We’re using openldap for a while without any pw constraints. ****
Now I got ppolicy working and pw update fails correctly on the defined constraints.****
But I am not able to load the pwdCheckModule.****
I implemented some basic function which should always fail, just to see it is working. But it seems not be loaded.****
I compiled it as shared library with libtool and tried different locations with no result.****
I even cannot find any logging information about that. ****
Can you give some tips where to find the loggings or how to increase them. At the moment I configured slapd.conf to loglevel -1 ****
And can only find logging in the syslog ****
Here my policy ldif****
version: 1****
DN: cn=default,ou=policies,dc=company,dc=com****
objectClass: top****
objectClass: device****
objectClass: pwdPolicy****
objectClass: pwdPolicyChecker****
cn: default****
pwdAllowUserChange: TRUE****
pwdAttribute: userPassword****
pwdCheckModule: libcheck_password.so****
pwdCheckQuality: 1****
pwdExpireWarning: 432000****
pwdFailureCountInterval: 0****
pwdGraceAuthNLimit: 0****
pwdInHistory: 0****
pwdLockout: TRUE****
pwdLockoutDuration: 1920****
pwdMaxAge: 7516800****
pwdMaxFailure: 4****
pwdMinLength: 8****
pwdMustChange: TRUE****
pwdSafeModify: FALSE****
I tried to put the shared library to /usr/local/lib and /usr/lib/ldap****
Both had not effect.
Hi,
try to configure modulepath directive with the path containing your module. By default, modules are searched in OPENLDAP_ROOT/libexec/openldap/
Clément.
openldap-technical@openldap.org
-
Clément OUDOT -
Fabian Heinz