From c4b39c091e413d196112a94352654a4803ed3c84 Mon Sep 17 00:00:00 2001
From: Guilhem Moulin <guilhem.moulin@fripost.org>
Date: Wed, 30 Jan 2013 20:28:47 +0100
Subject: Password policy

---
 ldap/ppolicy.ldif | 26 ++++++++++++++++++++++++++
 1 file changed, 26 insertions(+)
 create mode 100644 ldap/ppolicy.ldif

(limited to 'ldap/ppolicy.ldif')

diff --git a/ldap/ppolicy.ldif b/ldap/ppolicy.ldif
new file mode 100644
index 0000000..60b52aa
--- /dev/null
+++ b/ldap/ppolicy.ldif
@@ -0,0 +1,26 @@
+# Load this file with
+#
+#   ldapadd -Y EXTERNAL -H ldapi:/// -f ppolicy.ldif
+#
+# It will load the "ppolicy" overlay configuration for the database #1.
+# Ensure that it's indeed the database #1 that you want to configure:
+#
+#   ldapsearch -Q -LLL -Y EXTERNAL -H ldapi:/// -b "cn=config" "olcSuffix=o=mailHosting,dc=fripost,dc=dev" dn
+#
+# Note: There is no clean way to remove/replace overlays, other than
+# stopping slapd and digging into the slapd.d directory:
+#   http://www.zytrax.com/books/ldap/ch6/slapd-config.html#use-overlays
+#
+#
+# References:
+# - http://www.openldap.org/doc/admin24/overlays.html#Password%20Policies
+# - http://www.zytrax.com/books/ldap/ch6/ppolicy.html
+# - man 5 slapo-ppolicy
+
+
+dn: olcOverlay=ppolicy,olcDatabase={1}hdb,cn=config
+objectClass: olcOverlayConfig
+objectClass: olcPPolicyConfig
+olcPPolicyDefault: cn=ppolicy,o=mailHosting,dc=fripost,dc=dev
+olcPPolicyHashCleartext: TRUE
+olcPPolicyUseLockout: FALSE
-- 
cgit v1.2.3