Prashanth Sundaram wrote:
I followed HowTo:Posix on 389-ds documentation and added
and posixAccount object class to all my users.
*Is shadowAccount ObjectClass really required?* I vaguely remember it is
required for password policy to work, but any other usage other than
that? I can get it to work fine without adding it.
The nss_ldap of some OS's (Solaris for one) use shadowAccount so I guess
using that provides the most general general. It is possible to add
mapping to make things work in nss_ldap without having shadowAccount in
user entries (and want your users to work on Solaris).