Results 1 to 3 of 3

Thread: Authentication server (LDAP) enable password policy

  1. #1

    Default Authentication server (LDAP) enable password policy

    Yast Network Services Authentication Server (LDAP)

    In Leap 42.2 and 42.3 beta it is not possible to enable the LDAP password policy using Yast.
    Error message: Other (e.g., implementation specific) error: <olcAccess> handler exited with 1
    Bug: 1010943 and 1047217

    Is there any workaround for the problem?
    I need the configure the setting on my server.

    Thank you
    Regards

  2. #2
    Join Date
    Jun 2008
    Location
    San Diego, Ca, USA
    Posts
    11,298
    Blog Entries
    2

    Default Re: Authentication server (LDAP) enable password policy

    If there is a problem using YaST to configure your LDAP password policies,
    I guess you can try going to the original OpenLDAP documentation and configuring manually...

    http://www.openldap.org/doc/admin24/overlays.html

    Recommend you do your experimentation on a clone, eg If you're deploying virtualized Domain Controllers (recommended), then clone a DC, configure it as a new DC so you have something disposable. and as needed supports snapshots and can be rolled back as you test.

    Good Luck,
    TSU
    Beginner Wiki Quickstart - https://en.opensuse.org/User:Tsu2/Quickstart_Wiki
    Solved a problem recently? Create a wiki page for future personal reference!
    Learn something new?
    Attended a computing event?
    Post and Share!

  3. #3

    Default Re: Authentication server (LDAP) enable password policy

    Problem resolved with the kind help of Howard Guo:

    The OpenLDAP server package on Leap appears to not load password policy module by default.

    Try running the following command to instruct server to load the module:

    ldapmodify -H ldapi:/// -Y EXTERNAL

    And then enter:

    dn: cn=module{0},cn=config
    changetype: modify
    add: olcModuleLoad
    olcModuleLoad: ppolicy.so

    If it was successful, there should be an output line:
    modifying entry "cn=module{0},cn=config"

    From there, Yast authentication server configuration should work properly.

    Thank you Howard

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •