Re: Adding to the schema

Wed, 29 Mar 2023 11:25:20 -0700 

So I'm still on this.  Since I'm running cn=config rather than slapd.conf,
I'm confused as to where to put the:

overlay ppolicy

I don't have a:  database mdb

Here's my slapd.ldif that I loaded in (with the added olcModuleload you
told me to add):

dn: cn=config
objectClass: olcGlobal
cn: config
olcArgsFile: /var/lib/openldap/slapd.args
olcPidFile: /var/lib/openldap/slapd.pid

dn: cn=schema,cn=config
objectClass: olcSchemaConfig
cn: schema

dn: cn=module,cn=config
objectClass: olcModuleList
cn: module
olcModulepath: /usr/libexec/openldap
olcModuleload: back_mdb.la
olcModuleload ppolicy.so

# Include more schemas in addition to default core
include: file:///etc/openldap/schema/core.ldif
include: file:///etc/openldap/schema/cosine.ldif
include: file:///etc/openldap/schema/nis.ldif
include: file:///etc/openldap/schema/inetorgperson.ldif
include: file:///etc/openldap/schema/sudo.ldif

dn: olcDatabase=frontend,cn=config
objectClass: olcDatabaseConfig
objectClass: olcFrontendConfig
olcDatabase: frontend
olcAccess: to dn.base="cn=Subschema" by * read
olcAccess: to *
  by dn.base="gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth"
manage
  by * none

dn: olcDatabase=config,cn=config
objectClass: olcDatabaseConfig
olcDatabase: config
olcRootDN: cn=config
olcAccess: to *
  by dn.base="gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth"
manage
  by * none


So where would I put the:  overlay ppolicy


Thanks,
Eric

On Tue, Mar 7, 2023 at 12:21 PM Quanah Gibson-Mount <qua...@fast-mail.org>
wrote:

>
>
> --On Tuesday, March 7, 2023 12:16 PM -0700 Eric Fetzer
> <eric.fet...@gmail.com> wrote:
>
> >
> > I'm using 2.6.4.  Sorry, brand new at this, how do I enable it?  I
> > don't see any references to it in the slapd.conf...  I'm in the process
> > of converting an ISDS db to OpenLDAP.  Kind of daunting so far...
>
>
> Generally speaking:
>
> In the portion of your configuration loading module:
>
> modulepath ....
> moduleload ppolicy.so
>
>
> In the database section of your configuration where you want to apply
> password policies
>
>
> database mdb
> ...
>
> overlay ppolicy
>
>
> Regards,
> Quanah
>
>
>

Reply via email to