upstream/openldap
1
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2025-12-27 18:19:52 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

Clarify ppolicy text

Browse source
This commit is contained in:
Howard Chu 2008-04-21 21:44:20 +00:00
parent a4d14fb2ef
commit 660d3acfdc
1 changed files with 7 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

14
doc/guide/admin/overlays.sdf
View file

@ -857,14 +857,14 @@ You can create additional policy objects as needed.
There are two ways password policy can be applied to individual objects:
1. Default password policy - If, as in the example above, the password policy
module was configured with the DN of a default policy object and if that object
exists, then the policy defined in that object is applied.
1. The pwdPolicySubentry in a user's object - If a user's object has a
pwdPolicySubEntry attribute specifying the DN of a policy object, then
the policy defined by that object is applied.
2. The pwdPolicySubentry in a user's object - If a user's object contains a
value for the pwdPolicySubEntry attribute, and if that object exists, then
the policy defined by that object is applied. Remember that we need to add
object class pwdPolicy to the user's object as well.
2. Default password policy - If there is no specific pwdPolicySubentry set
for an object, and the password policy module was configured with the DN of a
default policy object and if that object exists, then the policy defined in
that object is applied.
Please see {{slapo-ppolicy(5)}} for complete explanations of features and discussion of
"Password Management Issues" at {{URL:http://www.connexitor.com/forums/viewtopic.php?f=6&t=25}}