{{tag>[centos7 linux ldap openldap security ppolicy]}} =====CentOS 7 - OpenLDAP 2.4 password policy (ppolicy)===== ====Configure Provider (master) and consumer (slave)==== * Load the ppolicy schema:# ldapadd -H ldaps:// -x -D "cn=Manager,dc=domain,dc=tld" -W -f /etc/openldap/schema/ppolicy.ldif * Load the module:

# ldapadd -H ldaps:// -x -D "cn=Manager,dc=domain,dc=tld" -W <
  * Add the overlay:# ldapadd -H ldaps:// -x -D "cn=Manager,dc=domain,dc=tld" -W <
====Configure Provider (master)====
  * Create the policies OU:# ldapadd -H ldaps:// -x -D "cn=Manager,dc=domain,dc=tld" -W <
  * Create the ppolicy object:# ldapadd -H ldaps:// -x -D "cn=Manager,dc=domain,dc=tld" -W <