Issue with fine-grained password policy

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



> Date: Wed, 25 Oct 2006 14:40:45 -0700
> From: "George Holbert" <gholbert at broadcom.com>

> Last time I looked at this, I vaguely recall finding that pam_ldap 
> doesn't pay too much attention to FDS password metadata for expiration 
> warnings or strength restrictions.  So what you're seeing may be the norm.
> Hopefully someone else out there will have better news for you on this.

Actually PADL's pam_ldap has had support for Netscape password policy 
for many years - you just have to enable it and tell it the DN of the 
policy object. Recently support has also been added for the IETF draft 
LDAP password policy specification too, and it works well with the 
OpenLDAP implementation of this spec. The OpenLDAP implementation has 
also been tested successfully with CA eTrust, so there are at least a 
couple implementations out there supporting the IETF spec.

> Ian Meyer wrote:
>> > Hello all,
>> >
>> > I set up FDS 1.0.2 on a server and got everything configured and
>> > imported etc etc.. things
>> > work great, I can authenticate against it, make updates.. but I can
>> > not get our linux
>> > clients to warn me about changing my password, expiration, length,
>> > etc.. I followed the instructions on
>> > http://www.redhat.com/docs/manuals/dir-server/ag/7.1/password.html#1074672 
>> >
>> > to set up a global config, and a user config. Is there anything on the
>> > client side for PAM that needs to be configured? I've been pouring
>> > over this for a couple of days now so I may just be blind to a small
>> > detail I may have missed. Any help/insight would be appreciated.
>> >
>> > Thanks in advance,
>> > Ian

-- 
   -- Howard Chu
   Chief Architect, Symas Corp.  http://www.symas.com
   Director, Highland Sun        http://highlandsun.com/hyc
   OpenLDAP Core Team            http://www.openldap.org/project/




[Index of Archives]     [Fedora User Discussion]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora News]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora QA]     [Fedora Triage]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Yosemite Photos]     [Linux Apps]     [Maemo Users]     [Gnome Users]     [KDE Users]     [Fedora Tools]     [Fedora Art]     [Fedora Docs]     [Maemo Users]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Fedora ARM]

  Powered by Linux