Hi all -- I'm putting together a new DSpace installation (3.2 on RHEL 6.4, with the xmlui), and I have a requirement to enforce password complexity and expiration rules.
My first thought was to do this by using a local LDAP for authentication -- I think I've learned what I need to know about LDAP, but I've run into a snag. If I turn on both PasswordAuthentication and LDAPAuthentication in the authentication.cfg file, users are offered a choice at log-in time, and, once an LDAP user is registered, it seems that they can then set up a PasswordAuthentication password, thus bypassing the LDAP controls. If I set up the system as being exclusively LDAP, then the admin user set up at install time via create-administrator cannot log in at all. Has anyone solved this problem? I strongly favor an LDAP-based solution, because it would mean that I can use the same LDAP for a number of other web applications on the machine, and strike a blow against password proliferation. Thanks. -- A. -- Dr. Andrew C. E. Reid Physical Scientist, Computer Operations Administrator Center for Theoretical and Computational Materials Science National Institute of Standards and Technology, Mail Stop 8555 Gaithersburg MD 20899 USA andrew.r...@nist.gov ------------------------------------------------------------------------------ How ServiceNow helps IT people transform IT departments: 1. Consolidate legacy IT systems to a single system of record for IT 2. Standardize and globalize service processes across IT 3. Implement zero-touch automation to replace manual, redundant tasks http://pubads.g.doubleclick.net/gampad/clk?id=51271111&iu=/4140/ostg.clktrk _______________________________________________ DSpace-tech mailing list DSpace-tech@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/dspace-tech List Etiquette: https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette