Hi,

I installed OpenLDAP 2.4.40 on Ubuntu 12.04 LTS.

I enabled ppolicy while configuring the installation.
./configure --enable-hdb --enable-ppolicy --enable-syncprov --with-tls

I want to specify a password check module (to check for minimum upper
cases, lower cases, digits, etc).

I got the module from
http://ltb-project.org/wiki/documentation/openldap-ppolicy-check-password

I created a password policy very similar to the one given in the
documentation:

dn: cn=default,ou=policies,dc=example,dc=com
cn: default
objectClass: pwdPolicy
objectClass: person
objectClass: top
pwdAllowUserChange: TRUE
pwdAttribute: userPassword
pwdCheckQuality: 1
pwdCheckModule: check_password.so
pwdExpireWarning: 600
pwdFailureCountInterval: 30
pwdGraceAuthNLimit: 0
pwdInHistory: 5
​3​
pwdLockout: TRUE
pwdLockoutDuration:
​60​
0
pwdMaxAge: 1200
pwdMaxFailure: 3
pwdMinAge: 0
pwdMinLength: 8
pwdMustChange: FALSE
pwdSafeModify: FALSE
sn: dummy value

slapd.conf:

modulepath /usr/local/lib
moduleload check_password.so

While adding this password policy to ldap, I get the error:

ldap_add: Object class violation (65)
             attribute info: attribute 'pwdCheckModule' not allowed

The log level is 256 and doesn't say much besides giving the same error.

Let me know where I have gone wrong.


-Guruprasad
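
Error 65 with "attribute ... not allowed" means none of the entry's listed object classes permits that attribute; in OpenLDAP's ppolicy schema, pwdCheckModule belongs to the auxiliary class pwdPolicyChecker. The check below is an added example, not part of the original post or of the LTB project's code: the SCHEMA table is an assumption transcribed from the OpenLDAP 2.4 schema files, and the sample entry is the posted one abbreviated to a few attributes.

```python
# Added example, not from the post. SCHEMA is an assumption: (MUST, MAY) lists
# as transcribed from OpenLDAP 2.4 core.schema and ppolicy.schema.
SCHEMA = {
    "top": ([], []),
    "person": (["sn", "cn"],
               ["userPassword", "telephoneNumber", "seeAlso", "description"]),
    "pwdPolicy": (["pwdAttribute"],
                  ["pwdMinAge", "pwdMaxAge", "pwdInHistory", "pwdCheckQuality",
                   "pwdMinLength", "pwdExpireWarning", "pwdGraceAuthNLimit",
                   "pwdLockout", "pwdLockoutDuration", "pwdMaxFailure",
                   "pwdFailureCountInterval", "pwdMustChange",
                   "pwdAllowUserChange", "pwdSafeModify"]),
    "pwdPolicyChecker": ([], ["pwdCheckModule"]),
}
SCHEMA = {name.lower(): spec for name, spec in SCHEMA.items()}

# Constructed sample: the entry from the post, abbreviated to a few attributes.
POSTED = """\
dn: cn=default,ou=policies,dc=example,dc=com
cn: default
objectClass: pwdPolicy
objectClass: person
objectClass: top
pwdAttribute: userPassword
pwdCheckQuality: 1
pwdCheckModule: check_password.so
pwdMinLength: 8
sn: dummy value
"""

def check_entry(ldif):
    """Return (attributes no listed class allows, required attributes absent)."""
    classes, attrs = [], {}
    for line in ldif.splitlines():
        name, sep, value = line.partition(":")
        if not sep or line.startswith(("#", " ")) or name.lower() == "dn":
            continue  # skip blanks, comments, continuation lines and the DN
        if name.lower() == "objectclass":
            classes.append(value.strip().lower())
        else:
            attrs.setdefault(name.lower(), name)  # keep the spelling as written
    unknown = [c for c in classes if c not in SCHEMA]
    if unknown:
        raise ValueError("object classes not in SCHEMA table: %s" % unknown)
    must = {a.lower() for c in classes for a in SCHEMA[c][0]}
    may = {a.lower() for c in classes for a in SCHEMA[c][1]}
    not_allowed = sorted(attrs[a] for a in attrs if a not in must | may)
    return not_allowed, sorted(must - set(attrs))
```

Calling check_entry(POSTED) reports pwdCheckModule as not allowed; appending the line "objectClass: pwdPolicyChecker" to the entry clears it.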
