Date: Wed, 25 Oct 2006 14:40:45 -0700
From: "George Holbert" <gholbert@xxxxxxxxxxxx>
Last time I looked at this, I vaguely recall finding that pam_ldap
doesn't pay too much attention to FDS password metadata for expiration
warnings or strength restrictions. So what you're seeing may be the norm.
Hopefully someone else out there will have better news for you on this.
Actually PADL's pam_ldap has had support for Netscape password policy
for many years - you just have to enable it and tell it the DN of the
policy object. Recently support has also been added for the IETF draft
LDAP password policy specification too, and it works well with the
OpenLDAP implementation of this spec. The OpenLDAP implementation has
also been tested successfully with CA eTrust, so there are at least a
couple implementations out there supporting the IETF spec.
Ian Meyer wrote:
> Hello all,
>
> I set up FDS 1.0.2 on a server and got everything configured and
> imported etc etc.. things
> work great, I can authenticate against it, make updates.. but I can
> not get our linux
> clients to warn me about changing my password, expiration, length,
> etc.. I followed the instructions on
> http://www.redhat.com/docs/manuals/dir-server/ag/7.1/password.html#1074672
>
> to set up a global config, and a user config. Is there anything on the
> client side for PAM that needs to be configured? I've been pouring
> over this for a couple of days now so I may just be blind to a small
> detail I may have missed. Any help/insight would be appreciated.
>
> Thanks in advance,
> Ian
--
-- Howard Chu
Chief Architect, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc
OpenLDAP Core Team http://www.openldap.org/project/
--
Fedora-directory-users mailing list
Fedora-directory-users@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-directory-users
