[Fedora-directory-users] Issue with fine-grained password policy
Mike Jackson
mj at sci.fi
Wed Oct 25 21:31:27 UTC 2006
Ian Meyer wrote:
> Hello all,
>
> I set up FDS 1.0.2 on a server and got everything configured and
> imported etc etc.. things
> work great, I can authenticate against it, make updates.. but I can
> not get our linux
> clients to warn me about changing my password, expiration, length,
> etc.. I followed the instructions on
> http://www.redhat.com/docs/manuals/dir-server/ag/7.1/password.html#1074672
> to set up a global config, and a user config. Is there anything on the
> client side for PAM that needs to be configured? I've been pouring
> over this for a couple of days now so I may just be blind to a small
> detail I may have missed. Any help/insight would be appreciated.
This functionality (returning requested password policy response message
in conjunction with password change extop) needs support from two sides,
pam_ldap and slapd.
The functionality is missing from the current version of slapd, but
should be available in the next version afaik.
I am unsure of pam_ldap's support for password change extop or parsing
password policy control response messages. Clearly, this is a piece of
missing basic functionality, as a whole, that makes linux itself look
incapable compared to windows.
--
mike
More information about the 389-users
mailing list