https://bugs.openldap.org/show_bug.cgi?id=9656
--- Comment #5 from David Coutadeur <[email protected]> --- > "If for some reasons, any parameter is not found, it will be given its > default value." this is true for ppm parameters, not for password policy parameters. Especially, pwdCheckModule does not have default values. > when using ppm.so in OpenLDAP 2.4 the ppm.so,while included in the schema, > didn't need the fully qualified pathname (I assume that the path was handled > via the modulepath statement in the slapd.conf) and I don't know that that > particular change is documented anywhere particularly succinctly. I don't think ppolicy can guess any extension path... Neither in 2.4 nor in 2.5. > Either 1). slapd shouldn't start if these parameters are requirements when > using ppolicy These parameters can evolve while OpenLDAP is running. As I explained before, it is the responsability of the admin to ensure the pwdCheckModule parameter is set accordingly. > 2). slapd shouldn't crash and should give a warning that default values are > being used and one should verify if those defaults are valid or simply warn > that ppolicy won't be used as necessary settings have not been populated. slapd can't know any requirement about a given extended module. -- You are receiving this mail because: You are on the CC list for the issue.
