0

I read +++ forums and docs.

My OpenLDAP instance is configured in a Bitnami Container as follows:

dn: cn=module,cn=config
cn: module
objectClass: olcModuleList
olcModuleLoad: ppolicy.so
olcModulePath: /opt/bitnami/openldap/lib/openldap

dn: olcOverlay=ppolicy,olcDatabase={2}hdb,cn=config
changetype: add
objectClass: olcConfig
objectClass: olcPPolicyConfig
objectClass: olcOverlayConfig
objectClass: top
olcOverlay: ppolicy
olcPPolicyDefault: cn=default,ou=Policies,dc=example,dc=org


dn: ou=Policies,dc=example,dc=org
objectclass: organizationalUnit
objectclass: top
ou: Policies


dn: cn=default,ou=Policies,dc=example,dc=org
objectClass: pwdPolicy
objectClass: inetOrgPerson
objectClass: top
cn: default
sn: default
pwdAttribute: userPassword
pwdMaxAge: 86400
pwdMinLength: 8
pwdExpireWarning: 86400
pwdInHistory: 3
pwdCheckQuality: 2
pwdGraceAuthNLimit: 0
pwdLockout: TRUE
pwdLockoutDuration: 1800
pwdMaxFailure: 3
pwdFailureCountInterval: 0
pwdMustChange: TRUE
pwdAllowUserChange: TRUE
pwdSafeModify: FALSE

My intent is to map the ppolicy Overlay to posixAccounts.

Using example user:

dn: cn=foo bar,ou=users,dc=example,dc=org
cn: foo bar
gidnumber: 500
givenname: foo
homedirectory: /home/users/fbar
loginshell: /bin/bash
objectclass: inetOrgPerson
objectclass: posixAccount
objectclass: top
sn: bar
uid: fbar
uidnumber: 1002
userpassword: ChangeMe

How do I view the attributes for a user?

Greg Askew
  • 39,132
Peedy2495
  • 21
  • 3

1 Answers1

1

All of these settings are correct. The additional overlay attributes are visible by appending a "+" in queries, only. Reason: all of them are internal LDAP attributes.

Feel free to use this thread as template for your own deployment.

Dave M
  • 4,494
Peedy2495
  • 21
  • 3