Hi The admin guide says that one should use ns-newpwpolicy.pl script to set subtree password policies on the command line. Can we also set this using ldifs or is there some magic that this script perform that can't be achieved by using ldifs?
Regards
________________________________________________________________________ In order to protect our email recipients, Betfair Group use SkyScan from MessageLabs to scan all Incoming and Outgoing mail for viruses.
________________________________________________________________________
Gerrard Geldenhuis wrote:
Hi The admin guide says that one should use ns-newpwpolicy.pl script to set subtree password policies on the command line. Can we also set this using ldifs or is there some magic that this script perform that can't be achieved by using ldifs?
Depends on what you mean by magic. If you're starting from scratch, a clean tree, you should be able to do everything by ldif files + ldapmodify. If you want to add to or modify an existing subtree password policy, that may be difficult to do with just ldif files - you may have to search first, then alter your ldif based on the search results.
The ns-newpwpolicy.pl script essentially just generates ldif and passes that to ldapmodify.
See http://docs.redhat.com/docs/en-US/Red_Hat_Directory_Server/8.2/html-single/A...
Regards
In order to protect our email recipients, Betfair Group use SkyScan from MessageLabs to scan all Incoming and Outgoing mail for viruses.
-- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users
______________________________________
From: 389-users-bounces@lists.fedoraproject.org [389-users-bounces@lists.fedoraproject.org] on behalf of Rich Megginson [rmeggins@redhat.com] Sent: 13 October 2010 15:57 To: General discussion list for the 389 Directory server project. Subject: Re: [389-users] Magic required for subtree password policy?
Gerrard Geldenhuis wrote: Hi The admin guide says that one should use ns-newpwpolicy.pl script to set subtree password policies on the command line. Can we also set this using ldifs or is there some magic that this script perform >that can't be achieved by using ldifs?
Depends on what you mean by magic. If you're starting from scratch, a clean tree, you should be able to do everything by ldif files + ldapmodify. If you want to add to or modify an existing subtree password policy, that may be difficult to do with just ldif files - you may have to search first, then alter your ldif based on the search results.
Thanks, the question was related to starting from scratch.
The ns-newpwpolicy.pl script essentially just generates ldif and passes that to ldapmodify.
See http://docs.redhat.com/docs/en-US/Red_Hat_Directory_Server/8.2/html-single/A...
Regards
I did read that documentation, but I was unclear wether the documentation wanted you to only use the command or whether modifying using ldifs were permitted. I guess that specifying the command prevents unnecessary support calls or emails on the list because of faulty configuration.
Regards
________________________________________________________________________ In order to protect our email recipients, Betfair Group use SkyScan from MessageLabs to scan all Incoming and Outgoing mail for viruses.
________________________________________________________________________
389-users@lists.fedoraproject.org