I need a way to disable an LDAP user in OpenLDAP. I'm following this answer:
http://www.openldap.org/lists/openld.../msg00107.html
In my slapd.conf I have the next inf...
include /etc/openldap/schema/ppolicy.schema
moduleload ppolicy.la
overlay ppolicy
ppolicy_default "cn=default,ou=pwpolicies,dc=prueba,dc=co"
Also I have this entry...
dn: cn=user,ou=pwpolicies,dc=prueba,dc=co
objectClass: pwdPolicy
objectClass: top
objectClass: person
pwdAttribute: 2.5.4.35
cn: user
pwdMaxAge: 604800
pwdInHistory: 3
pwdMaxFailure: 3
pwdLockout: TRUE
pwdMustChange: TRUE
pwdMinLength: 10
pwdSafeModify: TRUE
Now I'm trying to add:
dn: cn=pepito,cn=Users,dc=prueba,dc=co
changetype: modify
add: pwdPolicySubentry
pwdPolicy: cn=user,ou=pwpolicies,dc=prueba,dc=co
and the result is:
modifying entry "cn=pepito,cn=Users,dc=prueba,dc=co"
ldapadd: Undefined attribute type (17)
additional info: pwdPolicy: attribute type undefined
I tried "pwdPolicySubentry" instead of "pwdPolicy" too, but it doesn't work.
In my ppolicy.schema file I have uncommented the pwdAccountLockedTime and the pwdPolicySubentry attributetypes but nothing is working.
Does anybody know what I can do? Again... please help!
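The change record quoted in the post names one attribute on its `add:` line and a different one on the value line, which is the attribute the error message reports. The following is an added example, not part of the original post: a small Python linter (the function name `lint_modify_ldif` is hypothetical) that flags this kind of mismatch in LDIF modify records. It checks only the record's internal consistency, not whether the server's schema defines the attribute.

```python
# Added example (not from the original post): lint LDIF modify records.
# SAMPLE is the change record quoted in the post; lint_modify_ldif is a hypothetical name.
SAMPLE = """\
dn: cn=pepito,cn=Users,dc=prueba,dc=co
changetype: modify
add: pwdPolicySubentry
pwdPolicy: cn=user,ou=pwpolicies,dc=prueba,dc=co
"""

MOD_OPS = {"add", "delete", "replace"}


def lint_modify_ldif(text):
    """Return (line_no, dn, message) for each value line whose attribute differs
    from the one named by the preceding add:/delete:/replace: directive."""
    findings = []
    dn, in_modify, target = None, False, None
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.rstrip()
        if not line:  # a blank line ends the change record
            dn, in_modify, target = None, False, None
            continue
        if line[0] in "# ":  # comment, or folded continuation of the previous value
            continue
        if line == "-":  # separator: the current modification is complete
            target = None
            continue
        name, sep, value = line.partition(":")
        if not sep:
            findings.append((no, dn, "expected 'attribute: value'"))
            continue
        attr = name.split(";")[0].strip().lower()  # drop options such as ;binary
        value = value.lstrip(":<").strip()  # drop base64 (::) and URL (:<) markers
        if attr == "dn":
            dn = value
        elif attr == "changetype":
            in_modify = value.lower() == "modify"
        elif in_modify and target is None:
            if attr in MOD_OPS:
                target = value.split(";")[0]
            else:
                findings.append((no, dn, f"'{name}' appears before add:/delete:/replace:"))
        elif in_modify and attr != target.lower():
            findings.append((no, dn, f"value line names '{name}', directive names '{target}'"))
    return findings


if __name__ == "__main__":
    for no, dn, msg in lint_modify_ldif(SAMPLE):
        print(f"line {no} ({dn}): {msg}")
```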