You are viewing a plain text version of this content. The canonical link for it is here.

Posted to fortress@directory.apache.org by Shawn McKinney <sm...@apache.org> on 2017/06/10 16:08:03 UTC

ApacheDS PW Policy Support

Now have full support of apacheds password policies.  Changes described here:
https://issues.apache.org/jira/browse/FC-211

In order to use, define apacheds policies in the normal way.  There’s a bit of info here:  
http://directory.apache.org/apacheds/advanced-ug/4.3-password-policy.html

These policy objects *must* reside under this org unit node:
ou=passwordPolicies,ads-interceptorId=authenticationInterceptor,ou=interceptors,ads-directoryServiceId=default,ou=config

They can be active in one of two ways:

1. global default, is typically this one:
ads-pwdid=Default,ou=passwordPolicies,ads-interceptorId=authenticationInterceptor,ou=interceptors,ads-directoryServiceId=default,ou=config

which applies to all users who otherwise don’t have valid policy specified by the pwdAttribute on their account.

2. set per user by specifying pwdAttribute that points to an object under the policy ou.

For more info, run the fortress junit tests and look at the data generated and set for users and policy objects.

There should be a document that describes the usage on our project page.  Will add before the next release.

Shawn