Add access control recommendation to discussion of password hashing.

Kurt Zeilenga 2005-12-20 00:39:28 +00:00
parent 4dbc76ebef
commit 553f59b900

@ -39,9 +39,11 @@ and no default is given, then no policies will be enforced.
.TP
.B ppolicy_hash_cleartext
Specify that cleartext passwords present in Add and Modify requests should
be hashed before being stored in the database. This violates the X.500
be hashed before being stored in the database. This violates the X.500/LDAP
information model, but may be needed to compensate for LDAP clients that
don't use the Password Modify exop to manage passwords.
don't use the Password Modify extended operation to manage passwords. It
is recommended that when this option is used that compare, search, and
read access be denied to all directory users.
.TP
.B ppolicy_use_lockout
A client will always receive an LDAP
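
Review bot: The recommendation added to the ppolicy_hash_cleartext paragraph does not say which attribute compare, search, and read access should be denied on, so "be denied to all directory users" can be read as a call to lock down the whole directory. Name the password attribute explicitly and point to slapd.access(5) for how to express the rule. The sentence also carries a doubled "that"; suggested wording: "It is recommended that, when this option is used, compare, search, and read access to the password attribute be denied to all directory users." A short clause giving the reason for the restriction would help administrators judge whether it applies to their deployment.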