Table of Contents
Advertisement
Designing a Password Policy
For a user (for example,
following changes are required:
•
Add a container entry (
various password policy related entries for the user and its children. For
example:
•
Add a password policy specification entry (
the password policy attributes that are specific to the user. For example:
•
Assign the value of the above entry DN to the
of the target entry. For example:
You can make these changes either from the Directory Server Console or by using
the
ns-newpwpolicy.pl
Command, and File Reference lists the command-line syntax for the script. The
Netscape Directory Server Administrator's Guide includes procedures for
accomplishing these tasks. Once these entries are added to the directory, they
help determine the type (global or local) of the password policy Directory Server
should enforce.
When a user attempts to bind to the directory, Directory Server determines
whether a local policy has been defined and enabled for the user's entry.
•
Whether the fine-grained password policy is enabled, the server checks the
value (
cn=config
the subtree and user levels and enforces the global password policy.
146
Netscape Directory Server Deployment Guide • October 2004
uid=jdoe, ou=people, dc=example, dc=com
nsPwPolicyContainer
dn: cn=nsPwPolicyContainer, ou=people, dc=example, dc=com
objectClass: top
objectClass: nsContainer
cn: nsPwPolicyContainer
dn: cn="cn=nsPwPolicyEntry, uid=jdoe, ou=people, dc=example,
dc=com", cn=nsPwPolicyContainer, ou=people, dc=example,
dc=com
objectclass: top
objectclass: ldapsubentry
objectclass: passwordpolicy
dn: uid=jdoe, ou=people, dc=example, dc=com
changetype: modify
replace: pwdpolicysubentry
pwdpolicysubentry: "cn=nsPwPolicyEntry, uid=jdoe, ou=people,
dc=example, dc=com", cn=nsPwPolicyContainer, ou=people,
dc=example, dc=com
script. The Netscape Directory Server Configuration,
or
) assigned to the
on
off
entry. If the value is
) at the parent level for holding
nsPwPolicyEntry
pwdpolicysubentry
nsslapd-pwpolicy-local
, the server ignores the policies defined at
off
), the
) for holding
attribute
attribute of the
Advertisement
Table of Contents
Related Manuals for Netscape NETSCAPE DIRECTORY SERVER 7.0 - DEPLOYMENT
Related Products for Netscape NETSCAPE DIRECTORY SERVER 7.0 - DEPLOYMENT
- Netscape NETSCAPE DIRECTORY SERVER 7.0 - PLUG-IN
- Netscape NETSCAPE DIRECTORY SERVER 6.01 - ADMINISTRATOR
- Netscape NETSCAPE DIRECTORY SERVER 6.01 - PLUG-IN
- Netscape NETSCAPE DIRECTORY SERVER 6.02 - ADMINISTRATOR
- Netscape NETSCAPE DIRECTORY SERVER 6.02 - PLUG-IN
- Netscape NETSCAPE DIRECTORY SERVER 6.1 - ADMINISTRATOR
- Netscape NETSCAPE DIRECTORY SERVER 6.2 - DEPLOYMENT
- Netscape NETSCAPE DIRECTORY SERVER 6.1 - PLUG-IN
- Netscape NETSCAPE DIRECTORY SERVER 6.2 - ADMINISTRATOR
- Netscape NETSCAPE DIRECTORY SERVER 6.2 - PLUG-IN
- Netscape NETSCAPE DIRECTORY SERVER 6.0
- Netscape NETSCAPE DIRECTORY SERVER 6.0 - DEPLOYMENT
- Netscape NETSCAPE DIRECTORY SERVER 6.01 - DEPLOYMENT
- Netscape NETSCAPE DIRECTORY SERVER 6.02 - DEPLOYMENT
- Netscape NETSCAPE DIRECTORY SERVER 7.0 - GATEWAY CUSTOMIZATION
- Netscape ENTERPRISE SERVER 6.0