Password policy

author: Guilhem Moulin <guilhem.moulin@fripost.org> 2013-01-30 20:28:47 +0100
committer: Guilhem Moulin <guilhem.moulin@fripost.org> 2013-01-30 20:47:02 +0100
commit: c4b39c091e413d196112a94352654a4803ed3c84 (patch)
tree: 877c4647221dfa2483f0ad2c5bfa33b96abdedf7 /ldap/base.ldif
parent: 73c7ba4d856553706528bf2a3ae91a82fa121c10 (diff)
1 files changed, 10 insertions, 1 deletions
diff --git a/ldap/base.ldif b/ldap/base.ldif
index c102beb..81e8874 100644
--- a/ldap/base.ldif
+++ b/ldap/base.ldif
@@ -13,6 +13,14 @@ dn: o=mailHosting,dc=fripost,dc=dev
 objectClass: organization
 description: Mail hosting
 
+dn: cn=ppolicy,o=mailHosting,dc=fripost,dc=dev
+objectClass: organizationalRole
+objectClass: pwdPolicy
+pwdAttribute: userPassword
+pwdLockout: TRUE
+pwdLockoutDuration: 900
+pwdFailureCountInterval: 300
+pwdMaxFailure: 3
 
 dn: ou=virtual,o=mailHosting,dc=fripost,dc=dev
 objectClass: organizationalUnit
@@ -51,7 +59,8 @@ dn: cn=AdminWebPanel,ou=services,o=mailHosting,dc=fripost,dc=dev
 objectClass: simpleSecurityObject
 objectClass: organizationalRole
 description: The adminstrator Web Panel
-userPassword: panel
+userPassword: {CLEARTEXT}panel
+# NOTE: ^ The password needs to be stored clear for DIGEST-MD5 SASL authentication
 authzTo: dn.regex:^fvl=[^,]+,fvd=[^,]+,ou=virtual,o=mailHosting,dc=fripost,dc=dev$
 #authzTo: ldap:///ou=virtual,o=mailHosting,dc=fripost,dc=dev??sub?(objectClass=FripostVirtualUser)
 # NOTE: ^ This is an expensive operation, and requires search perms for the service.
author	Guilhem Moulin <guilhem.moulin@fripost.org>	2013-01-30 20:28:47 +0100
committer	Guilhem Moulin <guilhem.moulin@fripost.org>	2013-01-30 20:47:02 +0100
commit	c4b39c091e413d196112a94352654a4803ed3c84 (patch)
tree	877c4647221dfa2483f0ad2c5bfa33b96abdedf7 /ldap/base.ldif
parent	73c7ba4d856553706528bf2a3ae91a82fa121c10 (diff)