directory-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Ersin Er" <ersin...@gmail.com>
Subject Re: Questions...
Date Tue, 27 Mar 2007 16:28:19 GMT
On 3/27/07, Emmanuel Lecharny <elecharny@gmail.com> wrote:
> Hi Dave !
>
> On 3/27/07, Dave Bartlett <Dave.Bartlett@medecision.com> wrote:
> >
> > I am evaluating LDAP implementations.  I had a difficult time
> > determining if Apache Directory can perform some password policy
> > functions such as max and min characters in password, expiration days,
> > warning days before expiration, logon attempts, etc.
>
>
> No, we didn't implemented password policies right now. But this is something
> we might do sooner or later.
>
> In Apache
> > Directory would this be done through 'custom authenticators'?
>
>
> Sure. This is not  really the simpliest way to do it, but this is the way to
> go. We may think about other options, like triggers or Store procedures (we
> have both) to handle such policies. For instance, with Stored Procedures, we
> can check if the password is correct in regard with the given policy. The
> good point about SP is that it's basically a java class you simply store
> into the server, as any other Ldap element, so you don't have to rebuild the
> server.

Yes, an SP phsically is just a Java class with static methods stored
in the DIT. We have a SP caller extended operation but it's not the
matter in this context. Triggers track some operations and invoke SPs
on some scheduled time.

> Alex and Ersin, correct me if I'm wrong !
>
> Emmanuel
>
> Thank you,
> >
> > db
> >
> > Dave.Bartlett@medecision.com
> >
> > 610.540.0202 ext: 1449
> >
> >
> >
> > _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
> > _
> >
> > The information transmitted is intended only for the person or entity to
> > which it is addressed and may contain confidential and/or privileged
> > material. Any review, retransmission, dissemination or other use of, or
> > taking of any action in reliance upon, this information by persons or
> > entities other than the intended recipient is prohibited. If you received
> > this message in error, please contact the sender and delete the material
> > from any computer.
> >
> >
>
>
> --
> Cordialement,
> Emmanuel L├ęcharny
> www.iktek.com
>


-- 
Ersin
Mime
View raw message