> On Mon, 2005-09-12 at 17:10 -0700, Howard Chu wrote:
>> Samuel Tran wrote:
>> > Hi All,
>> >
>> > I am testing OL 2.3.7 on a Debian Sarge box.
>> > I would like to implement the password policy overlay.
>> >
>> > When I try to create a dn that would hold the password policy:
>> >
>> > [EMAIL PROTECTED]:~$ ldapmodify -vv -x -W -D
>> > "uid=stran,ou=people,dc=example,dc=com" -H ldap://localhost -f
>> > passwd_cn.ldif
>> > ldap_initialize( ldap://localhost )
>> > Enter LDAP Password:
>> > replace cn:
>> > password
>> > replace objectClass:
>> > organizationalRole
>> > pwdPolicy
>> > replace pwdattribute:
>> > userpassword
>> > modifying entry "cn=password,ou=Policies,dc=example,dc=com"
>> > modify complete
>> > ldap_modify: Invalid syntax (21)
>> > additional info: pwdattribute: value #0 invalid per syntax
>> >
>> > I don't understand why I get that error message.
>> >
>> >
>> It looks like slapd's objectIdentifierMatch rule doesn't understand
>> descriptions (though it is supposed to). You'll have to use the numeric
>> OID instead, until that is fixed.
>>
>
> Howard,
>
> I tried using the userPassword OID instead and got another error
> message:
>
> [EMAIL PROTECTED]:~$ ldapmodify -vv -x -W -D
> "uid=stran,ou=people,dc=example,dc=com" -H ldap://localhost -f
> passwd_cn.ldif
> ldap_initialize( ldap://localhost )
> Enter LDAP Password:
> replace cn:
> password
> replace objectClass:
> organizationalRole
> pwdPolicy
> replace pwdattribute:
> 2.5.4.35
> modifying entry "cn=password,ou=Policies,dc=example,dc=com"
> modify complete
> ldap_modify: No such object (32)
> matched DN: ou=Policies,dc=example,dc=com
>
> I filed an ITS: #4025
> http://www.OpenLDAP.org/its/index.cgi?findid=4025
>

Using the numeric OID actually worked. I wrongly used ldapmodify instead
of ldapadd.

However, using the name 'userPassword' still does not work.

Sam
