Linux - ServerThis forum is for the discussion of Linux Software used in a server related context.
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Introduction to Linux - A Hands on Guide
This guide was created as an overview of the Linux Operating System, geared toward new users as an exploration tour and getting started guide, with exercises at the end of each chapter.
For more advanced trainees it can be a desktop reference, and a collection of the base knowledge needed to proceed with system and network administration. This book contains many real life examples derived from the author's experience as a Linux system and network administrator, trainer and consultant. They hope these examples will help you to get a better understanding of the Linux system and that you feel encouraged to try out things on your own.
Click Here to receive this Complete Guide absolutely free.
I am trying to find how to change some password policy settings in openLDAP (on a system-wide level) level not on a per user level)such that ALL LDAP account users ie existing and new users have their passwords to expire after 90 days.
I know the main parameter that controls this is the maxPasswdAge parameter but i am not sure how to set this .I have tried different LDApmodify options
but it fails
the error messages was .. modifying entry "cn=pwdpoilicyentry,cn=common,cn=products,cn=Oraclecontext,dc=mydomain,dc=com"
ldapmodify :no such object(32)
matched DN: dc=mydomain ,dc=com
My questions are
1. Are there any alternatives to doing this ie 1. just change a setting manually somewhere in some configuration file and restart the ldap server. ?
2.Are there any service to bounce once done
3.Also i would like to set the pwdExpireWarning setting such that users are warned before their password expires
Does this need any service bounced or restarted after this change ie does ldap service need to be restarted.
I have googled this but found nothing
also on the local linux users machine on i used chage -M to reset the maximum password expiry date for users but again this comand has to run on an adhoc basis per user or maybe by writing a script to do this.Again is there a system wide level change i have made channges in /etc/login-defs but it failed with errors .
Does anything need to be set in pam files .
We are running openldap 2.3.43 on RHel 5.3
Can anyone share their experience on this please.Any help would be greatly appreciated.