LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Software (http://www.linuxquestions.org/questions/linux-software-2/)
-   -   OpenLDAP "pwdPolicySubentry" for ppolicy not applying (http://www.linuxquestions.org/questions/linux-software-2/openldap-pwdpolicysubentry-for-ppolicy-not-applying-887113/)

cheetos 06-18-2011 08:58 PM

OpenLDAP "pwdPolicySubentry" for ppolicy not applying
 
Hello,

I'm trying to get ppolicy to work on a CentOS 5.6 server I have at home running OpenLDAP 2.3.43. I cannot get pwdPolicySubentry to show up as an available attribute for any user (using ldapadd with LDIF (doesn't error, but attribute does not get applied) or programs such as JXplorer or Apache Directory Studio). I'm able to add pwdPolicy and pwdPolicyChecker as classes, but they don't appear to contain the "pwdPolicySubentry" I desire.

I have the following relevant items in my slapd.conf:

include /etc/openldap/schema/ppolicy.schema

moduleload ppolicy.la

overlay ppolicy
ppolicy_default "cn=noexpirepassword,ou=policies,dc=<snip>,dc=<snip>"

I googled around and took a look at /etc/openldap/schema/ppolicy.schema and noticed that the section for pwdPolicySubentry was commented out within the schema file. I tried removing the leading #'s but this did not improve my luck.

Any insight is very much appreciated. Thank you.

cheetos 06-19-2011 07:24 PM

Nevermind, I tried slapcat and noticed the entry was actually there, and modifying it per user functions correctly...

Now to find a working pwdCheckModule... anyone know of one? :)


All times are GMT -5. The time now is 03:54 PM.