---------- Message transféré ---------- De : Clément OUDOT <[email protected]> Date : 13 janvier 2010 13:55 Objet : Re: [Ltb-users] Ppolicy À : Evo <[email protected]>
2010/1/13 Evo <[email protected]>: > Hi, > > I got the answer to this problem. If anyone else gets the same issue I think > you should know that it is a setting in the file: > > /usr/local/openldap/etc/openldap/ldap.conf > > The normal way to do this on an RedHat machine is via the use of authconfig > command but this command updates (among other files) the /etc/ldap.conf and > /etc/openldap/ldap.conf files. The trouble is that your distribution have > the files saved in /usr/local/openldap/etc/openldap/ folder so the change > authconfig is doing does not really make a difference :) > > The password policy started to be enforced to SSH and OpenVPN as soon as I > added the following to the file /usr/local/openldap/etc/openldap/ldap.conf: > > pam_password exop > pam_lookup_policy yes > > Hope this will save some poor soul a few hours :) Hi Evo, I'm afraid not to agree with you. Our distribution just provides OpenLDAP server and clients, but your RHEL should use the standard LDAP libraires. Indeed, we provide a 2.4 OpenLDAP version, but all RHEL packages are compiled with 2.3 libraries, so both libraries are on the system, and ours are separated in /usr/local/openldap PAM configuration must not be set in OpenLDAP configuration files ! File /etc/ldap.conf is a PAM conf file, not an OpenLDAP one. /etc/openldap/ldap.conf is an OpenLDAP conf file, so you can link it with our : # rm /etc/openldap/ldap.conf # ln -s /usr/local/openldap/etc/openldap/ldap.conf /etc/openldap Clément. _______________________________________________ ltb-users mailing list [email protected] http://lists.ltb-project.org/listinfo/ltb-users
