[389-users] Magic required for subtree password policy?

[Gerrard Geldenhuis]

______________________________________
>From: 389-users-bounces at lists.fedoraproject.org [389-users-bounces at lists.fedoraproject.org] on behalf of Rich Megginson [rmeggins at redhat.com]
>Sent: 13 October 2010 15:57
>To: General discussion list for the 389 Directory server project.
>Subject: Re: [389-users] Magic required for subtree password policy?
>
>Gerrard Geldenhuis wrote:
> Hi
> The admin guide says that one should use ns-newpwpolicy.pl script to set subtree password policies on the command line. Can we also set this using ldifs or is there some magic that this script perform >that can't be achieved by using ldifs?
>>
>Depends on what you mean by magic.  If you're starting from scratch, a
>clean tree, you should be able to do everything by ldif files +
>ldapmodify.  If you want to add to or modify an existing subtree
>password policy, that may be difficult to do with just ldif files - you
>may have to search first, then alter your ldif based on the search results.

Thanks, the question was related to starting from scratch.


>
>The ns-newpwpolicy.pl script essentially just generates ldif and passes
>that to ldapmodify.
>
>See
>http://docs.redhat.com/docs/en-US/Red_Hat_Directory_Server/8.2/html-single/Administration_Guide/index.html#Configuring_the_Password_Policy->Configuring_SubtreeUser_Password_Policy_Using_the_Command_Line
>> Regards

I did read that documentation, but I was unclear wether the documentation wanted you to only use the command or whether modifying using ldifs were permitted. I guess that specifying the command prevents unnecessary support calls or emails on the list because of faulty configuration.

Regards

________________________________________________________________________
In order to protect our email recipients, Betfair Group use SkyScan from 
MessageLabs to scan all Incoming and Outgoing mail for viruses.

________________________________________________________________________