> On Jun 21, 2016, at 3:13 PM, Jan Sindberg <[email protected]> wrote:
>
> The api documentation for PwPolicyMgr mentions OpenLDAP but not ApacheDS.
> Is the policies limited to OpenLDAP or do they work with ApacheDS?
Hi Jan,
Good question. It ‘should’ but I have not tested it.
First you will need to find out if apacheds supports the same control for pw
policies as openldap:
public interface PasswordPolicy extends Control
{
/** the password policy request control */
String OID = "1.3.6.1.4.1.42.2.27.8.5.1”;
(my assumption is ‘yes’ but don’t know for sure)
Second, you will enable your test server to use the pw policy control. Third,
you will need to set server type to ‘openldap’ in the fortress.properties.
Fourth, run the junit tests and see what happens.
Because you beed ti set the server type to openldap, the tests will try to
interrogate the slapo audit log and fail because it doesn’t work in apacheds.
But all of the other tests should pass in particular the password policies that
run at the end of the test sequence should all pass.
I will support this effort by helping with bugs or config problems. One thing
I can see right away is we’ll need to allow fortress to interrogate pw policies
when server type is apacheds. But you can work around that problem in the way
I’ve described on 3rd step.
Thanks,
Shawn
