<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:x="urn:schemas-microsoft-com:office:excel" xmlns:p="urn:schemas-microsoft-com:office:powerpoint" xmlns:a="urn:schemas-microsoft-com:office:access" xmlns:dt="uuid:C2F41010-65B3-11d1-A29F-00AA00C14882" xmlns:s="uuid:BDC6E3F0-6DA3-11d1-A2A3-00AA00C14882" xmlns:rs="urn:schemas-microsoft-com:rowset" xmlns:z="#RowsetSchema" xmlns:b="urn:schemas-microsoft-com:office:publisher" xmlns:ss="urn:schemas-microsoft-com:office:spreadsheet" xmlns:c="urn:schemas-microsoft-com:office:component:spreadsheet" xmlns:odc="urn:schemas-microsoft-com:office:odc" xmlns:oa="urn:schemas-microsoft-com:office:activation" xmlns:html="http://www.w3.org/TR/REC-html40" xmlns:q="http://schemas.xmlsoap.org/soap/envelope/" xmlns:rtc="http://microsoft.com/officenet/conferencing" xmlns:D="DAV:" xmlns:Repl="http://schemas.microsoft.com/repl/" xmlns:mt="http://schemas.microsoft.com/sharepoint/soap/meetings/" xmlns:x2="http://schemas.microsoft.com/office/excel/2003/xml" xmlns:ppda="http://www.passport.com/NameSpace.xsd" xmlns:ois="http://schemas.microsoft.com/sharepoint/soap/ois/" xmlns:dir="http://schemas.microsoft.com/sharepoint/soap/directory/" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:dsp="http://schemas.microsoft.com/sharepoint/dsp" xmlns:udc="http://schemas.microsoft.com/data/udc" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:sub="http://schemas.microsoft.com/sharepoint/soap/2002/1/alerts/" xmlns:ec="http://www.w3.org/2001/04/xmlenc#" xmlns:sp="http://schemas.microsoft.com/sharepoint/" xmlns:sps="http://schemas.microsoft.com/sharepoint/soap/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:udcs="http://schemas.microsoft.com/data/udc/soap" xmlns:udcxf="http://schemas.microsoft.com/data/udc/xmlfile" xmlns:udcp2p="http://schemas.microsoft.com/data/udc/parttopart" xmlns:wf="http://schemas.microsoft.com/sharepoint/soap/workflow/" xmlns:dsss="http://schemas.microsoft.com/office/2006/digsig-setup" xmlns:dssi="http://schemas.microsoft.com/office/2006/digsig" xmlns:mdssi="http://schemas.openxmlformats.org/package/2006/digital-signature" xmlns:mver="http://schemas.openxmlformats.org/markup-compatibility/2006" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns:mrels="http://schemas.openxmlformats.org/package/2006/relationships" xmlns:spwp="http://microsoft.com/sharepoint/webpartpages" xmlns:ex12t="http://schemas.microsoft.com/exchange/services/2006/types" xmlns:ex12m="http://schemas.microsoft.com/exchange/services/2006/messages" xmlns:pptsl="http://schemas.microsoft.com/sharepoint/soap/SlideLibrary/" xmlns:spsl="http://microsoft.com/webservices/SharePointPortalServer/PublishedLinksService" xmlns:Z="urn:schemas-microsoft-com:" xmlns:st="" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv=Content-Type content="text/html; charset=us-ascii">
<meta name=Generator content="Microsoft Word 12 (filtered medium)">
<style>
<!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Consolas;
panose-1:2 11 6 9 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri","sans-serif";}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
span.EmailStyle17
{mso-style-type:personal-compose;
font-family:"Calibri","sans-serif";
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;}
@page Section1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.Section1
{page:Section1;}
-->
</style>
<!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang=EN-US link=blue vlink=purple>
<div class=Section1>
<p class=MsoNormal>Hey Guys<o:p></o:p></p>
<p class=MsoNormal>Hello All<o:p></o:p></p>
<p class=MsoNormal><o:p> </o:p></p>
<p class=MsoNormal><o:p> </o:p></p>
<p class=MsoNormal style='text-indent:.5in'>I am troubleshooting openldap and
would like to get some feedback from you guys. We have been running on ldap for
a while but was never ever able to implement a password policy. I have
looked at ppolicy but it seems limited as far as password complexity. I found a
module you can built into ppolicy ldap to provide cracklib checking but there
has been some concern with its stability. My next thought was to let pam handle
the cracklib and have the ageing provided in ldap. Now when I set the
password using the passwd program the shadowLastChange is not getting updated
in ldap. My ACL’s are below. <o:p></o:p></p>
<p class=MsoNormal style='text-indent:.5in'>All our users login the desktop via
gdm/xdm and my goal is to provide a means to provide the ability to change
there own password when they get the warning about expiration. I would also
like to know how to keep the samba passwords in sync. Samba is using ldap as
well but it is a separate module in ldap. I did not relize that openldap was a
big monster. Hope someone can lead in the right direction.<o:p></o:p></p>
<p class=MsoNormal><o:p> </o:p></p>
<p class=MsoNormal>access to attrs=userPassword,shadowLastChange<o:p></o:p></p>
<p class=MsoNormal> by dn.base="cn=Manager,dc=turbocorp,dc=com"
write<o:p></o:p></p>
<p class=MsoNormal>
by anonymous auth<o:p></o:p></p>
<p class=MsoNormal>
by self write<o:p></o:p></p>
<p class=MsoNormal>
by * none<o:p></o:p></p>
<p class=MsoNormal>access to attrs=SambaLMPassword,SambaNTPassword<o:p></o:p></p>
<p class=MsoNormal> by dn.base="cn=Manager,dc=turbocorp,dc=com"
write<o:p></o:p></p>
<p class=MsoNormal>
by anonymous auth<o:p></o:p></p>
<p class=MsoNormal>
by self write<o:p></o:p></p>
<p class=MsoNormal>
by * none<o:p></o:p></p>
<p class=MsoNormal>access to *<o:p></o:p></p>
<p class=MsoNormal> by dn.base="cn=Manager,dc=turbocorp,dc=com"
write<o:p></o:p></p>
<p class=MsoNormal>
by self write<o:p></o:p></p>
<p class=MsoNormal>
by * read<o:p></o:p></p>
<p class=MsoNormal><o:p> </o:p></p>
<p class=MsoNormal><b><i><span style='font-size:10.5pt;font-family:Consolas;
color:#0070C0'>John Allgood<o:p></o:p></span></i></b></p>
<p class=MsoNormal><b><i><span style='font-size:10.5pt;font-family:Consolas'>Senior
Systems Administrator<o:p></o:p></span></i></b></p>
<p class=MsoNormal><i><span style='font-size:14.0pt;font-family:Consolas'>OHL
Transportation Services<o:p></o:p></span></i></p>
<p class=MsoNormal><i><span style='font-size:10.5pt;font-family:Consolas'>2251
Jesse Jewell Pky. NE<o:p></o:p></span></i></p>
<p class=MsoNormal><i><span style='font-size:10.5pt;font-family:Consolas'>Gainesville,
GA 30507<o:p></o:p></span></i></p>
<p class=MsoNormal><i><span style='font-size:10.5pt;font-family:Consolas'>tel:
(678) 989-3051 fax: (770) 531-7878<o:p></o:p></span></i></p>
<p class=MsoNormal><i><span style='font-size:10.5pt;font-family:Consolas'><o:p> </o:p></span></i></p>
<p class=MsoNormal><i><span style='font-size:10.5pt;font-family:Consolas'><a
href="mailto:jallgood@ohl.com"><span style='color:windowtext'>jallgood@ohl.com</span></a><o:p></o:p></span></i></p>
<p class=MsoNormal><i><span style='font-size:10.5pt;font-family:Consolas'><a
href="http://www.ohl.com"><span style='color:windowtext'>www.ohl.com</span></a><o:p></o:p></span></i></p>
<p class=MsoNormal><o:p> </o:p></p>
</div>
<BR>
______________________________________________________<BR>
<BR>
This e-mail transmission may contain information that is proprietary, privileged and/or confidential and is intended exclusively for the person(s) to whom it is addressed. Any use, copying, retention or disclosure by any person other than the intended recipient or the intended recipient's designees is strictly prohibited. If you are not the intended recipient or their designee, please notify the sender immediately by return e-mail and delete all copies.<BR>
</body>
</html>