On Mon, 23 Apr 2018, Tayyab Saeed wrote:
[ Lots of irrelevant top-posting deleted ]
How can we disable password policy completely?
Maybe it's just me, but why would anyone want to?
--
Dave Horsfall DTM (VK2KFU) "Those who don't understand security will suffer."
ot;
<matthieu.ce...@nbs-system.com>
Sent: Thursday, April 19, 2018 5:36:04 PM
Subject: Re: exempt some users from OpenLDAP password policy
What your ldap tree look like (the relevant parts, users, current ppolicy)?
As far as links, there are soo many out there. Just search for on
Macias" <dav...@gmail.com>
> *To: *"Tayyab Saeed" <tayyab.sa...@nds.com.pk>
> *Cc: *openldap-technical@openldap.org, "Matthieu Cerda"
> <matthieu.ce...@nbs-system.com>
> *Sent: *Thursday, April 19, 2018 5:36:04 PM
> *Subject: *Re: exempt som
acias" <dav...@gmail.com>
*To:* "Matthieu Cerda" <matthieu.ce...@nbs-system.com>
*Cc:* openldap-technical@openldap.org
*Sent:* Friday, April 13, 2018 8:27:04 PM
*Subject:* Re: exempt some users from OpenLDAP password policy
Here is an example which you can apply per-user which
ieu.ce...@nbs-system.com>
Cc: openldap-technical@openldap.org
Sent: Friday, April 13, 2018 8:27:04 PM
Subject: Re: exempt some users from OpenLDAP password policy
Here is an example which you can apply per-user which needs to be exempted:
dn: cn=ppolicy-exclude,ou=policies,dc=organiza
Yes, it's possible, as already mentioned
http://www.zytrax.com/books/ldap/ch6/ppolicy.html#examples
Just create another policy(less restrictive) if you already have one and
apply it to the specified users
password policy ?
>
> Is it possible in OpenLDAP or not ?
>
> Thanks,
> Tayyab Saeed
> --
> *From: *"Peter Gietz" <peter.gi...@daasi.de> <peter.gi...@daasi.de>
> *To: *openldap-technical@openldap.org
> *Sent: *Friday, April 13, 201
>
> *To: *openldap-technical@openldap.org
> *Sent: *Friday, April 13, 2018 1:08:31 PM
> *Subject: *Re: exempt some users from OpenLDAP password policy
>
> Dear Tayyab,
>
>
> well the error message says most of it.
>
>
> The attribute pwdChangedTime is defined
rg
Sent: Friday, April 13, 2018 1:08:31 PM
Subject: Re: exempt some users from OpenLDAP password policy
Dear Tayyab,
well the error message says most of it.
The attribute pwdChangedTime is defined in sect. 5.3.2. of
https://tools.ietf.org/html/draft-behera-ldap-password-policy-10 as:
lto:jckid...@aep.com> | D:614.716.4970
1 RIVERSIDE PLAZA, COLUMBUS, OH 43215
From: Jon C Kidder
Sent: Friday, April 13, 2018 7:22 AM
To: 'Tayyab Saeed'; openldap-technical@openldap.org
Subject: RE: [EXTERNAL] exempt some users from OpenLDAP password policy
Once the ppolicy overlay is enabl
US, OH 43215
From: openldap-technical [mailto:openldap-technical-boun...@openldap.org] On
Behalf Of Tayyab Saeed
Sent: Thursday, April 12, 2018 4:55 PM
To: openldap-technical@openldap.org
Subject: [EXTERNAL] exempt some users from OpenLDAP password policy
This is an EXTERNAL email. STOP. THINK befo
Dear Tayyab,
well the error message says most of it.
The attribute pwdChangedTime is defined in sect. 5.3.2. of
https://tools.ietf.org/html/draft-behera-ldap-password-policy-10 as:
...
NO-USER-MODIFICATION
USAGE directoryOperation )
Which means, that an LDAP client is not allowed to
Dear All,
I have tried modifying pwdChangedTime & facing below error
modifying entry
"uid=test1,ou=ITSupport,ou=people,dc=mydomain,dc=com"
ldap_modify: Constraint violation (19)
additional info: pwdChangedTime: no user modification allowed
Thanks,
Tayyab Saeed
13 matches
Mail list logo
