1:41 p.m.
Hi list,
I'd like to do something rather simple (at least to me) with password policy :
* Ensure the userPassword is 6 characters long at least
* Ensure there's at least onenumber
* Ensure there's at least one uppercase character
I found out my first condition can be set by using the pwdMinLength
attribute and the ppolicy overlay, but what should I do for the other
two ? If it implies using pwdCheckModule and writing a C function and
plugging it into openldap then I find it rather difficult for an ldap
administrator just wanting to enforce policies...
Is there any plan to make things easier, like having openldap
providing 2 or 3 default C functions for this module ?
Finally, why is it taking so long for the IETF to approve the ppolicy
draft published in 2001 ? Has the effort been abandonned ?
Thanks,
Vincent
3 p.m.
On Friday 06 June 2008 14:41:42 Vincent Panel wrote:
Hi list,
I'd like to do something rather simple (at least to me) with password
policy : * Ensure the userPassword is 6 characters long at least
* Ensure there's at least onenumber
* Ensure there's at least one uppercase character
I found out my first condition can be set by using the pwdMinLength
attribute and the ppolicy overlay, but what should I do for the other
two ? If it implies using pwdCheckModule and writing a C function and
plugging it into openldap then I find it rather difficult for an ldap
administrator just wanting to enforce policies...
http://www.openldap.org/lists/openldap-technical/200804/msg00170.html
Is there any plan to make things easier, like having openldap
providing 2 or 3 default C functions for this module ?
IMHO it would be worthwhile providing some modules by default.
Finally, why is it taking so long for the IETF to approve the
ppolicy
draft published in 2001 ? Has the effort been abandonned ?
AFAIK there is a new draft ...
Regards,
Buchan
9:07 a.m.
On Fri, Jun 6, 2008 at 4:00 PM, Buchan Milne <bgmilne(a)staff.telkomsa.net> wrote:
On Friday 06 June 2008 14:41:42 Vincent Panel wrote:
> Hi list,
>
> I'd like to do something rather simple (at least to me) with password
> policy : * Ensure the userPassword is 6 characters long at least
> * Ensure there's at least onenumber
> * Ensure there's at least one uppercase character
>
> I found out my first condition can be set by using the pwdMinLength
> attribute and the ppolicy overlay, but what should I do for the other
> two ? If it implies using pwdCheckModule and writing a C function and
> plugging it into openldap then I find it rather difficult for an ldap
> administrator just wanting to enforce policies...
http://www.openldap.org/lists/openldap-technical/200804/msg00170.html
Thanks for the link by the way.
5093
days inactive
5094
days old
openldap-technical@openldap.org
2 comments
2 participants
participants (2)
-
Buchan Milne -
Vincent Panel