Hey Thanks for the response. I found some rpms for the newer version of ldap from here http://staff.telkomsa.net/packages/rhel5/openldap and I just installed them. Looks like a lot of changes in this version. We are trying to implement and single signon system for our services and thought ldap would be a good choice. You mentioned using PAM with ldap can you provide me with a little more on that. Thanks John Allgood Senior Systems Administrator Turbo, division of OHL 2251 Jesse Jewell Pky. NE Gainesville, GA 30507 tel: (678) 989-3051 fax: (770) 531-7878 jallgood@xxxxxxx www.ohl.com -----Original Message----- From: redhat-list-bounces@xxxxxxxxxx [mailto:redhat-list-bounces@xxxxxxxxxx] On Behalf Of m.roth2006@xxxxxxx Sent: Tuesday, January 13, 2009 10:32 AM To: General Red Hat Linux discussion list Subject: Re: FW: ppolicy in openldap Hi, John, ---- Original message ---- >Date: Tue, 13 Jan 2009 09:10:13 -0600 >From: "Allgood, John" <jallgood@xxxxxxx> > >I tried to send the below message to the openldap list and could get it Yeah, well, when I was fighting openldap around Sept of '06, they were *not* a lot of help - lots of "that question's already been answered", and "this is the wrong forum for that question". I was unimpressed with their help. Not to mention, as far as I'm concerned, it ain't ready for prime time - the lack of tools, and the usefulness of what they do offer, sucks. >to go through. I know the redhat list has a lot of expertise in a wide >range of topics. > >I am fairly new to openldap and have some questions about password >policys. We are running ldap on RHEL5 and using openldap 2.3.27. The >ppolicy overlay gives me a lot of what I need but RHEL5 does not seem to >have it installed. How can I get this installed? Also the best that I You can either find the rpm, or pull source from the openldap group directly. >can tell is that ppolicy does not have any dictionary checks either. Is >this true or did I just miss something? What I would like to setup is >what we currently have in place using cracklib. Minlen=8 at least 1 >Uppercase, 1 Lowercase, 1 Number, 1 special char. > I'm not sure - it's been six months or more since I dealt with this, but you might check the "what's new" for both 2.3 and 2.4. The former added ppolicy, and password aging. An alternative is in PAM, which *does* allow that, though I guess you want to implement it on the openLDAP server.... mark -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
