|
|
1. loaded ldap ppolcy module
|
|
|
|
|
|
1. loaded ldap ppolcy module
|
|
|
```ldif
|
|
|
dn: cn=module{0},cn=config
|
|
|
objectClass: olcModuleList
|
|
|
cn: module{0}
|
|
|
olcModuleLoad: ppolicy.la
|
|
|
```
|
|
|
|
|
|
```ldap
|
|
|
dn: cn=module{0},cn=config
|
|
|
objectClass: olcModuleList
|
|
|
cn: module{0}
|
|
|
olcModuleLoad: ppolicy.la
|
|
|
```
|
|
|
2. add ppolicy overlay
|
|
|
|
|
|
2. add ppolicy overlay
|
|
|
```ldif
|
|
|
dn: olcOverlay=ppolicy,olcDatabase={1}mdb,cn=config
|
|
|
objectClass: olcOverlayConfig
|
|
|
objectClass: olcPPolicyConfig
|
|
|
olcOverlay: ppolicy
|
|
|
olcPPolicyDefault: cn=passwordDefault,ou=Policies,dc=osalliance,dc=com
|
|
|
olcPPolicyHashCleartext: TRUE
|
|
|
olcPPolicyUseLockout: TRUE
|
|
|
olcPPolicyForwardUpdates: FALSE
|
|
|
```
|
|
|
|
|
|
```ldap
|
|
|
dn: olcOverlay=ppolicy,olcDatabase={1}mdb,cn=config
|
|
|
objectClass: olcOverlayConfig
|
|
|
objectClass: olcPPolicyConfig
|
|
|
olcOverlay: ppolicy
|
|
|
olcPPolicyDefault: cn=passwordDefault,ou=Policies,dc=osalliance,dc=com
|
|
|
olcPPolicyHashCleartext: TRUE
|
|
|
olcPPolicyUseLockout: TRUE
|
|
|
olcPPolicyForwardUpdates: FALSE
|
|
|
```
|
|
|
3. add ppolicy configuration
|
|
|
|
|
|
3. add ppolicy configuration
|
|
|
|
|
|
```ldap
|
|
|
dn: cn=passwordDefault,ou=Policies,dc=osalliance,dc=com
|
|
|
objectClass: pwdPolicy
|
|
|
objectClass: person
|
|
|
objectClass: top
|
|
|
cn: passwordDefault
|
|
|
sn: passwordDefault
|
|
|
pwdAttribute: userPassword
|
|
|
pwdCheckQuality: 0
|
|
|
pwdMinAge: 0
|
|
|
pwdInHistory: 5
|
|
|
pwdAllowUserChange: TRUE
|
|
|
pwdExpireWarning: 0
|
|
|
pwdGraceAuthNLimit: 0
|
|
|
pwdMustChange: FALSE
|
|
|
pwdSafeModify: FALSE
|
|
|
pwdLockoutDuration: 600
|
|
|
pwdLockout: FALSE
|
|
|
pwdMaxAge: 0
|
|
|
pwdMinLength: 0
|
|
|
pwdMaxFailure: 0
|
|
|
pwdFailureCountInterval: 20
|
|
|
``` |
|
|
\ No newline at end of file |
|
|
```ldif
|
|
|
dn: cn=passwordDefault,ou=Policies,dc=osalliance,dc=com
|
|
|
objectClass: pwdPolicy
|
|
|
objectClass: person
|
|
|
objectClass: top
|
|
|
cn: passwordDefault
|
|
|
sn: passwordDefault
|
|
|
pwdAttribute: userPassword
|
|
|
pwdCheckQuality: 0
|
|
|
pwdMinAge: 0
|
|
|
pwdInHistory: 5
|
|
|
pwdAllowUserChange: TRUE
|
|
|
pwdExpireWarning: 0
|
|
|
pwdGraceAuthNLimit: 0
|
|
|
pwdMustChange: FALSE
|
|
|
pwdSafeModify: FALSE
|
|
|
pwdLockoutDuration: 600
|
|
|
pwdLockout: FALSE
|
|
|
pwdMaxAge: 0
|
|
|
pwdMinLength: 0
|
|
|
pwdMaxFailure: 0
|
|
|
pwdFailureCountInterval: 20
|
|
|
``` |
|
|
\ No newline at end of file |