Hi all --
I'm putting together a new DSpace installation (3.2 on RHEL 6.4,
with the xmlui), and I have a requirement to enforce password
complexity and expiration rules.
My first thought was to do this by using a local LDAP for
authentication -- I think I've learned what I need to know about
LDAP, but I've run into a snag. If I turn on both PasswordAuthentication
and LDAPAuthentication in the authentication.cfg file, users are
offered a choice at log-in time, and, once an LDAP user is registered,
it seems that they can then set up a PasswordAuthentication password,
thus bypassing the LDAP controls.
If I set up the system as being exclusively LDAP, then the
admin user set up at install time via create-administrator
cannot log in at all.
Has anyone solved this problem?
I strongly favor an LDAP-based solution, because it would mean
that I can use the same LDAP for a number of other web applications
on the machine, and strike a blow against password proliferation.
Thanks.
-- A.
--
Dr. Andrew C. E. Reid
Physical Scientist, Computer Operations Administrator
Center for Theoretical and Computational Materials Science
National Institute of Standards and Technology, Mail Stop 8555
Gaithersburg MD 20899 USA
andrew.r...@nist.gov
------------------------------------------------------------------------------
How ServiceNow helps IT people transform IT departments:
1. Consolidate legacy IT systems to a single system of record for IT
2. Standardize and globalize service processes across IT
3. Implement zero-touch automation to replace manual, redundant tasks
http://pubads.g.doubleclick.net/gampad/clk?id=51271111&iu=/4140/ostg.clktrk
_______________________________________________
DSpace-tech mailing list
DSpace-tech@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/dspace-tech
List Etiquette: https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette
