FeministWiki:Technical documentation: Difference between revisions

* The <code>sn</code> (surname) field simply contains a minus character as a placeholder, because it's a mandatory field.
* The <code>manager</code> field is optional and we use it to record the member who added the member in question.
To make sure passwords are stored with the <code>{SSHA}</code> scheme rather than plain text, the <code>ppolicy</code> "password policy overlay" is used.  ZYTRAX has a very nice book about LDAP which documents how to enable this: http://www.zytrax.com/books/ldap/ch6/ppolicy.html
In short, the steps go as follows (these commands ''should'' work verbatim):
<pre>
# Add the ppolicy schema
ldapadd -Y external -H ldapi:/// < /etc/ldap/schema/ppolicy.ldif

# Enable the ppolicy dynamic module
ldapmodify -Y external -H ldapi:/// <<EOF
dn: cn=module{0},cn=config
changetype: modify
add: olcModuleLoad
olcModuleLoad: ppolicy
EOF

# Add the ppolicy overlay with olcPPolicyHashCleartext set to TRUE
ldapadd -Y external -H ldapi:/// <<EOF
dn: olcOverlay=ppolicy,olcDatabase={1}mdb,cn=config
objectClass: olcPPolicyConfig
olcOverlay: ppolicy
olcPPolicyHashCleartext: TRUE
EOF
</pre>
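The overlay hashes cleartext passwords that arrive in add and modify requests; values stored before it was enabled are not rewritten. The following check is an added example, not part of the original documentation: it reads <code>ldapsearch</code> LDIF output and reports the storage scheme of each <code>userPassword</code> value. The function names, the sample DNs under <code>dc=example,dc=org</code> and the sample passwords are constructed for illustration, and GNU <code>base64</code> is assumed.

```shell
#!/bin/sh
# Added example (not from the wiki): list the storage scheme of every
# userPassword value in LDIF read from stdin, one "<scheme><TAB><dn>" per value.
# A value without a {SCHEME} prefix is reported as CLEARTEXT. Only the prefix
# shape is checked, not whether slapd recognises the scheme.
audit_userpassword_schemes() {
  # Unfold LDIF continuation lines (a leading space continues the previous line).
  awk 'NR > 1 && /^ / { printf "%s", substr($0, 2); next }
       NR > 1 { print "" }
       { printf "%s", $0 }
       END { print "" }' |
  while IFS= read -r line; do
    attr=${line%%:*}
    rest=${line#*:}
    case "$rest" in
      # "attr:: value" carries a base64 value (ldapsearch does this for userPassword).
      :*) value=$(printf '%s' "${rest#:}" | tr -d ' ' | base64 -d | tr -d '\000') ;;
      *)  value=${rest# } ;;
    esac
    case "$attr" in
      dn) dn=$value ;;
      userPassword)
        case "$value" in
          "{"*"}"*) scheme=${value%%\}*}; scheme=${scheme#\{} ;;
          *)        scheme=CLEARTEXT ;;
        esac
        printf '%s\t%s\n' "$scheme" "$dn" ;;
    esac
  done
}

# Constructed sample input: one hashed value (folded across two lines) and one
# cleartext value. DNs and passwords are made up.
sample_ldif() {
  hashed=$(printf '%s' '{SSHA}Y29uc3RydWN0ZWQtbm90LWEtcmVhbC1oYXNo' | base64 | tr -d '\n')
  clear=$(printf '%s' 'hunter2' | base64)
  printf 'dn: uid=alice,ou=members,dc=example,dc=org\n'
  printf 'userPassword:: %s\n %s\n\n' \
    "$(printf '%s' "$hashed" | cut -c1-20)" "$(printf '%s' "$hashed" | cut -c21-)"
  printf 'dn: uid=bob,ou=members,dc=example,dc=org\n'
  printf 'userPassword:: %s\n' "$clear"
}

# Against a live directory (base DN is a placeholder; the bind identity needs
# read access to userPassword):
#   ldapsearch -Y external -H ldapi:/// -LLL -b '<base DN>' '(userPassword=*)' \
#     dn userPassword | audit_userpassword_schemes
```

Any entry reported as <code>CLEARTEXT</code> predates the overlay or was written around it, and needs a password change to be stored hashed.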


=== Wiki ===