https://bugs.openldap.org/show_bug.cgi?id=10409
Issue ID: 10409
Summary: Implement password policies for the rootdn
Product: OpenLDAP
Version: 2.6.10
Hardware: All
OS: All
Status: UNCONFIRMED
Keywords: needs_review
Severity: normal
Priority: ---
Component: slapd
Assignee: [email protected]
Reporter: [email protected]
Target Milestone: ---

We have successfully configured the Password Policy overlay (ppolicy) on our
OpenLDAP server. This configuration ensures that accounts are locked after
exceeding the maximum number of failed bind attempts, as defined by the policy.
For example, if the ppolicy is set to lock an account after 5 failed bind
attempts, the server enforces this behavior effectively for all users under the
ppolicy scope.

However, we have observed that the rootdn user does not seem to be subject to
these same password policies. Specifically, even when the rootdn exceeds the
maximum number of failed bind attempts, it does not get locked or restricted in
any way.

We would like to know if there is a way to apply the same password policies
(e.g., account locking after failed bind attempts) to the rootdn.
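
Because the report says failed binds never lock the rootdn, a compensating check is to count those failures from slapd's own log. The following is an added example, not part of the original report or of OpenLDAP: it assumes stats-level logging, a hypothetical rootdn of `cn=admin,dc=example,dc=com`, and the report's example threshold of 5; the log lines are constructed.

```python
import re

# Line shapes assumed from slapd "stats" logging; sample data below is constructed.
BIND_RE = re.compile(r'conn=(\d+) op=(\d+) BIND dn="([^"]*)" method=\d+')
RESULT_RE = re.compile(r'conn=(\d+) op=(\d+) RESULT tag=97 err=(\d+)')

def norm_dn(dn):
    """Simplified DN normalisation: lowercase, no spaces around commas."""
    return ",".join(part.strip() for part in dn.lower().split(","))

def rootdn_failure_alerts(lines, rootdn, threshold=5):
    """Return (conn, streak) for each failed rootdn bind at or past threshold."""
    target = norm_dn(rootdn)
    pending = {}   # (conn, op) -> DN named in the bind request
    streak = 0     # consecutive failed rootdn binds
    alerts = []
    for line in lines:
        m = BIND_RE.search(line)
        if m:
            pending[(m.group(1), m.group(2))] = norm_dn(m.group(3))
            continue
        m = RESULT_RE.search(line)
        if not m:
            continue
        dn = pending.pop((m.group(1), m.group(2)), None)
        if dn != target:
            continue                 # other accounts are covered by ppolicy
        if m.group(3) == "49":       # invalidCredentials
            streak += 1
            if streak >= threshold:
                alerts.append((int(m.group(1)), streak))
        elif m.group(3) == "0":      # a successful bind resets the streak
            streak = 0
    return alerts

# Constructed sample: one ordinary user failure, then six rootdn failures.
ROOTDN = "cn=admin,dc=example,dc=com"   # hypothetical rootdn
SAMPLE_LOG = [
    'slapd[812]: conn=1000 op=0 BIND dn="uid=alice,ou=people,dc=example,dc=com" method=128',
    'slapd[812]: conn=1000 op=0 RESULT tag=97 err=49 qtime=0.000011 etime=0.000240 text=',
]
for conn in range(1001, 1007):
    SAMPLE_LOG.append(f'slapd[812]: conn={conn} op=0 BIND dn="cn=Admin, dc=example,dc=com" method=128')
    SAMPLE_LOG.append(f'slapd[812]: conn={conn} op=0 RESULT tag=97 err=49 qtime=0.000012 etime=0.000231 text=')

if __name__ == "__main__":
    for conn, streak in rootdn_failure_alerts(SAMPLE_LOG, ROOTDN):
        print(f"ALERT: {streak} consecutive failed rootdn binds (conn={conn})")
```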