<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="fr" xml:lang="fr">
<head>
<meta name="generator" content=
"HTML Tidy for Linux/x86 (vers 6 November 2007), see www.w3.org" />
<title>Lemonldap::NG documentation: password-policy.html</title>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii" />
</head>
<body>
<div class="main-content">
<h2 class="heading-1"><span id="HUsingPasswordPolicy">Using Password
Policy</span></h2>
<p class="paragraph"></p>
<ul>
<li><a href="#HThePasswordPolicyStandard">The Password Policy
Standard</a></li>
<li>
<a href="#HPrerequisites">Prerequisites</a>
<ul>
<li><a href="#HCompliantLDAPserver">Compliant LDAP server</a></li>
<li><a href="#HPerlNet3A3ALDAPmodule">Perl Net::LDAP module</a></li>
</ul>
</li>
<li><a href="#HPasswordPolicyinLemonLDAP3A3ANG">Password Policy in
LemonLDAP::NG</a></li>
</ul>
<h3 class="heading-1-1"><span id="HThePasswordPolicyStandard">The Password
Policy Standard</span></h3>
<p class="paragraph"></p>Password Policy is still now a draft of an LDAPv3
extension and can be read here: <span class="wikiexternallink"><a href=
"https://opends.dev.java.net/public/standards/draft-behera-ldap-password-policy.txt">
https://opends.dev.java.net/public/standards/draft-behera-ldap-password-policy.txt</a></span>
(en). Some LDAP servers implements it, like OpenLDAP and its ppolicy
overlay.
<h3 class="heading-1-1"><span id=
"HPrerequisites">Prerequisites</span></h3>
<h4 class="heading-1-1-1"><span id="HCompliantLDAPserver">Compliant LDAP
server</span></h4>
<p class="paragraph"></p>Your LDAP server must provide the LDAP Password
Policy Control (OID: 1.3.6.1.4.1.42.2.27.8.5.1).
<p class="paragraph"></p>Documentation on how to set ppolicy in OpenLDAP
can be found here: <span class="wikiexternallink"><a href=
"http://www.linagora.org/article165.html">http://www.linagora.org/article165.html</a></span>
(fr).
<h4 class="heading-1-1-1"><span id="HPerlNet3A3ALDAPmodule">Perl Net::LDAP
module</span></h4>
<p class="paragraph"></p>The Net::LDAP::Control::PasswordPolicy is
available since Perl-LDAP 0.36. Please update your Perl installation if
you want to deal with Password Policy in LemonLDAP::NG: <span class=
"wikiexternallink"><a href=
"http://ldap.perl.org/">http://ldap.perl.org/</a></span> (en).
<h3 class="heading-1-1"><span id=
"HPasswordPolicyinLemonLDAP3A3ANG">Password Policy in
LemonLDAP::NG</span></h3>
<p class="paragraph"></p>The Password Policy functionality is available
since LemonLDAP::NG 0.9.1. It allows to display on the portal page 2 new
error messages:
<ul class="star">
<li>Your account is locked</li>
<li>Your password has expired</li>
</ul>Other use case are a work in progress.
<p class="paragraph"></p>To activate Password Policy, you have to set a
new parameter inside you portal perl script (e.g. portal/index.pl), like:
<p class="paragraph"></p>
<div class="code">
<pre>
#!/usr/bin/perl<br /><br />use Lemonldap::NG::Portal::SharedConf;<br /><br />my $portal = Lemonldap::NG::Portal::SharedConf-><span class="java-keyword">new</span>(
{
configStorage => {
type => 'File',
dirName => '/<span class="java-keyword">var</span>/lib/config',
},
<b class="bold">ldapPpolicyControl => 1</b>,
}
);
</pre>
</div>
</div>
</body>
</html>
distrib
>
Mandriva
>
2010.0
>
i586
>
media
>
contrib-release
>
by-pkgid
>
a30e324be723ed0caa14fc5758ff15f0
>
files
>
100
