On Mon, 23 Apr 2018, Tayyab Saeed wrote:
[ Lots of irrelevant top-posting deleted ]
How can we disable password policy completely?
Maybe it's just me, but why would anyone want to?
--
Dave Horsfall DTM (VK2KFU) "Those who don't understand security will suffer."
ot;
<matthieu.ce...@nbs-system.com>
Sent: Thursday, April 19, 2018 5:36:04 PM
Subject: Re: exempt some users from OpenLDAP password policy
What your ldap tree look like (the relevant parts, users, current ppolicy)?
As far as links, there are soo many out there. Just search for on
Macias" <dav...@gmail.com>
> *To: *"Tayyab Saeed" <tayyab.sa...@nds.com.pk>
> *Cc: *openldap-technical@openldap.org, "Matthieu Cerda"
> <matthieu.ce...@nbs-system.com>
> *Sent: *Thursday, April 19, 2018 5:36:04 PM
> *Subject: *Re: exempt som
acias" <dav...@gmail.com>
*To:* "Matthieu Cerda" <matthieu.ce...@nbs-system.com>
*Cc:* openldap-technical@openldap.org
*Sent:* Friday, April 13, 2018 8:27:04 PM
*Subject:* Re: exempt some users from OpenLDAP password policy
Here is an example which you can apply per-user which
ieu.ce...@nbs-system.com>
Cc: openldap-technical@openldap.org
Sent: Friday, April 13, 2018 8:27:04 PM
Subject: Re: exempt some users from OpenLDAP password policy
Here is an example which you can apply per-user which needs to be exempted:
dn: cn=ppolicy-exclude,ou=policies,dc=organiza
Yes, it's possible, as already mentioned
http://www.zytrax.com/books/ldap/ch6/ppolicy.html#examples
Just create another policy(less restrictive) if you already have one and
apply it to the specified users
password policy ?
>
> Is it possible in OpenLDAP or not ?
>
> Thanks,
> Tayyab Saeed
> --
> *From: *"Peter Gietz" <peter.gi...@daasi.de> <peter.gi...@daasi.de>
> *To: *openldap-technical@openldap.org
> *Sent: *Friday, April 13, 201
>
> *To: *openldap-technical@openldap.org
> *Sent: *Friday, April 13, 2018 1:08:31 PM
> *Subject: *Re: exempt some users from OpenLDAP password policy
>
> Dear Tayyab,
>
>
> well the error message says most of it.
>
>
> The attribute pwdChangedTime is defined
rg
Sent: Friday, April 13, 2018 1:08:31 PM
Subject: Re: exempt some users from OpenLDAP password policy
Dear Tayyab,
well the error message says most of it.
The attribute pwdChangedTime is defined in sect. 5.3.2. of
https://tools.ietf.org/html/draft-behera-ldap-password-policy-10 as:
Dear Tayyab,
well the error message says most of it.
The attribute pwdChangedTime is defined in sect. 5.3.2. of
https://tools.ietf.org/html/draft-behera-ldap-password-policy-10 as:
...
NO-USER-MODIFICATION
USAGE directoryOperation )
Which means, that an LDAP client is not allowed to
10 matches
Mail list logo
