On Tue, Oct 12, 2010 at 6:30 PM, Francis Lachapelle <[email protected]>wrote:
> > On Oct 12, 2010, at 7:54 AM, Mohit Chawla wrote: > > > Ok, not that easy. > > > > That adds a bunch of things that need to be configured for LDAP, mainly > figuring out how to use the ppolicy schema or the module, the slapd.conf > directives et al. If somebody has pointers for a minimal setup for this, it > would be nice to know. > > I suggest reading this following page : > > http://www.zytrax.com/books/ldap/ch6/ppolicy.html > > > Francis > > -- > [email protected] :: +1.514.755.3640 :: http://www.inverse.ca > Inverse :: Leaders behind SOGo (http://sogo.nu) and PacketFence ( > http://packetfence.org) > > -- > [email protected] > https://inverse.ca/sogo/lists > Yes, that and the man pages are nicely written. But some validation still will be helpful ! This is what I am doing: *slapd.conf* (relevant snippet) include /etc/ldap/schema/ppolicy.schema database bdb overlay ppolicy ppolicy_default "cn=defaultpolicy,dc=foo,dc=com" *defaultpolicy* # defaultpolicy, foo.com dn: cn=defaultpolicy,dc=foo,dc=com cn: defaultpolicy sn: defaultpolicy objectClass: pwdPolicy objectClass: person pwdAttribute: userPassword This seems to make SOGo work fine (otherwise a user requires two logins initially for successful authentication ) and no errors are present in the slapd logs ( if this is not in place then slapd complains about a slapd_control not being available, related to ppolicy). If anyone has any tips regarding this minimal configuration, that would be nice ! Thanks. -- [email protected] https://inverse.ca/sogo/lists
