Content preview: Yeah. I ended up looking at the man page and kind of got the
point. It would be great if there was a way to apply a pwdPolicySubentry
to a subtree and have all newly created accounts inherit the policy. I am
transitioning from RHDS which has that functionality. [...]
Content analysis details: (-1.9 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was blocked.
See
http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block
for more information.
[URIs: openldap.org]
-0.0 T_RP_MATCHES_RCVD Envelope sender domain matches handover relay
domain
-0.0 SPF_PASS SPF: sender matches SPF record
-1.9 BAYES_00 BODY: Bayes spam probability is 0 to 1%
[score: 0.0000]
Yeah. I ended up looking at the man page and kind of got the point. It would be great if there was a way to apply a pwdPolicySubentry to a subtree and have all newly created accounts inherit the policy. I am transitioning from RHDS which has that functionality.
Thanks,
Court
-----Original Message-----
From: openldap-technical [mailto:openldap-technical-***@openldap.org] On Behalf Of Marc Patermann
Sent: Thursday, October 15, 2015 4:01 AM
To: openldap-***@openldap.org
Subject: Re: Can a ppolicy be applied to a subtree?
Hi,
Post by Campbell, CourtneyI am curious if a ppolicy can be applied to a subtree so that it is
added to a user account when newly created?
Unfortunately not. I would like to have that too.
As far as I know ppolicy overlay is a database setting. See man slapo-ppolicy.
You can split your DIT to multiple database apply ppolicy to the database with your user account subtree and glue the databases together to behave like a single DIT again.
Marc
________________________________
This message (including any attachments) is confidential and intended for a specific individual and purpose. If you are not the intended recipient, please notify the sender immediately and delete this message.