forked from infra/ansible
slapd: enable password policies
this will facilitate proper locking of accounts
This commit is contained in:
parent
0ff1611b8d
commit
3ac021d922
@ -12,6 +12,7 @@ include /etc/ldap/schema/cosine.schema
|
|||||||
include /etc/ldap/schema/inetorgperson.schema
|
include /etc/ldap/schema/inetorgperson.schema
|
||||||
include /etc/ldap/schema/kitchen.schema
|
include /etc/ldap/schema/kitchen.schema
|
||||||
include /etc/ldap/schema/misc.schema
|
include /etc/ldap/schema/misc.schema
|
||||||
|
include /etc/ldap/schema/namedobject.schema
|
||||||
include /etc/ldap/schema/nis.schema
|
include /etc/ldap/schema/nis.schema
|
||||||
include /etc/ldap/schema/openssh-lpk.schema
|
include /etc/ldap/schema/openssh-lpk.schema
|
||||||
include /etc/ldap/schema/radius.schema
|
include /etc/ldap/schema/radius.schema
|
||||||
@ -31,6 +32,7 @@ loglevel sync
|
|||||||
# Load dynamic backend modules:
|
# Load dynamic backend modules:
|
||||||
modulepath /usr/lib/ldap
|
modulepath /usr/lib/ldap
|
||||||
moduleload back_mdb.la
|
moduleload back_mdb.la
|
||||||
|
moduleload ppolicy.la
|
||||||
{% if slapd_role == 'master' %}
|
{% if slapd_role == 'master' %}
|
||||||
moduleload syncprov.la
|
moduleload syncprov.la
|
||||||
{% endif %}
|
{% endif %}
|
||||||
@ -134,6 +136,14 @@ index mail eq
|
|||||||
index mailAlternateAddress eq
|
index mailAlternateAddress eq
|
||||||
|
|
||||||
|
|
||||||
|
#######################################################################
|
||||||
|
# Password Policies
|
||||||
|
#######################################################################
|
||||||
|
|
||||||
|
overlay ppolicy
|
||||||
|
ppolicy_default "cn=pp-default,ou=policies,dc=binary-kitchen,dc=de"
|
||||||
|
|
||||||
|
|
||||||
{% if slapd_role == 'master' %}
|
{% if slapd_role == 'master' %}
|
||||||
#######################################################################
|
#######################################################################
|
||||||
# Replication
|
# Replication
|
||||||
|
Loading…
Reference in New Issue
Block a user