Differences

This shows you the differences between two versions of the page.

--- centos7_openldap_ppolicy [2015/09/15 09:38] – [Configure pProvider (master) and consumer (slave)] admin
+++ centos7_openldap_ppolicy [2015/09/15 09:41] – admin
@@ Line 16: / Line 16: @@
 objectClass: olcPPolicyConfig
 olcPPolicyDefault: cn=ppolicy,ou=policies,dc=domain,dc=tld
+EOF</code>
+====Configure Provider (master)====
+  * Create the policies OU:<code># ldapadd -H ldaps://<FQDN> -x -D "cn=Manager,dc=domain,dc=tld" -W <<EOF
+dn: ou=policies,dc=domain,dc=tld
+objectClass: top
+objectClass: organizationalUnit
+ou: policies
+EOF</code>
+  * Create the ppolice object:<code># ldapadd -H ldaps://<FQDN> -x -D "cn=Manager,dc=domain,dc=tld" -W <<EOF
+dn: cn=ppolicy,ou=policies,dc=domain,dc=tld
+cn: ppolicy
+objectClass: top
+objectClass: device
+objectClass: pwdPolicy
+objectClass: pwdPolicyChecker
+pwdAttribute: userPassword
+pwdInHistory: 8
+pwdMinLength: 8
+pwdMaxFailure: 3
+pwdFailureCountInterval: 1800
+pwdCheckQuality: 2
+pwdMustChange: TRUE
+pwdGraceAuthNLimit: 0
+pwdMaxAge: 7776000
+pwdExpireWarning: 1209600
+pwdLockoutDuration: 900
+pwdLockout: TRUE
 EOF</code>