directory-fortress mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Shawn McKinney <smckin...@apache.org>
Subject ApacheDS PW Policy Support
Date Sat, 10 Jun 2017 16:08:03 GMT
Now have full support of apacheds password policies.  Changes described here:
https://issues.apache.org/jira/browse/FC-211

In order to use, define apacheds policies in the normal way.  There’s a bit of info here:
 
http://directory.apache.org/apacheds/advanced-ug/4.3-password-policy.html

These policy objects *must* reside under this org unit node:
ou=passwordPolicies,ads-interceptorId=authenticationInterceptor,ou=interceptors,ads-directoryServiceId=default,ou=config

They can be active in one of two ways:

1. global default, is typically this one:
ads-pwdid=Default,ou=passwordPolicies,ads-interceptorId=authenticationInterceptor,ou=interceptors,ads-directoryServiceId=default,ou=config

which applies to all users who otherwise don’t have valid policy specified by the pwdAttribute
on their account.

2. set per user by specifying pwdAttribute that points to an object under the policy ou.

For more info, run the fortress junit tests and look at the data generated and set for users
and policy objects.

There should be a document that describes the usage on our project page.  Will add before
the next release.

Shawn

Mime
View raw message