______________________________________ >From: 389-users-bounces at lists.fedoraproject.org [389-users-bounces at lists.fedoraproject.org] on behalf of Rich Megginson [rmeggins at redhat.com] >Sent: 13 October 2010 15:57 >To: General discussion list for the 389 Directory server project. >Subject: Re: Magic required for subtree password policy? > >Gerrard Geldenhuis wrote: > Hi > The admin guide says that one should use ns-newpwpolicy.pl script to set subtree password policies on the command line. Can we also set this using ldifs or is there some magic that this script perform >that can't be achieved by using ldifs? >> >Depends on what you mean by magic. If you're starting from scratch, a >clean tree, you should be able to do everything by ldif files + >ldapmodify. If you want to add to or modify an existing subtree >password policy, that may be difficult to do with just ldif files - you >may have to search first, then alter your ldif based on the search results. Thanks, the question was related to starting from scratch. > >The ns-newpwpolicy.pl script essentially just generates ldif and passes >that to ldapmodify. > >See >http://docs.redhat.com/docs/en-US/Red_Hat_Directory_Server/8.2/html-single/Administration_Guide/index.html#Configuring_the_Password_Policy->Configuring_SubtreeUser_Password_Policy_Using_the_Command_Line >> Regards I did read that documentation, but I was unclear wether the documentation wanted you to only use the command or whether modifying using ldifs were permitted. I guess that specifying the command prevents unnecessary support calls or emails on the list because of faulty configuration. Regards ________________________________________________________________________ In order to protect our email recipients, Betfair Group use SkyScan from MessageLabs to scan all Incoming and Outgoing mail for viruses. ________________________________________________________________________
