Philip Kime wrote:
Yes. The global setting must be enabled to use any sort of password syntax checking. You can then override it at the subtree or user level.Hmm - If I enable password syntax checking globally, it works - ldappasswd applies the policy and so does PAM via pam_ldap. If it's a local policy on a subtree or user, it doesn't? I have checked and the cn=config "nsslapd-pwpolicy-local" is set to "on" so it should be applying local password policies. Do I have to enable the password syntax checking at a global level (possibly with no actual restrictions) and then overide it at the local level?
-NGK
PK -- Fedora-directory-users mailing list Fedora-directory-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-users
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
-- Fedora-directory-users mailing list Fedora-directory-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-users