[389-users] Re: ns-newpolicy/pl documentation/use case

On 9/17/21 4:46 PM, Ghiurea, Isabella wrote:

Hi List

I am searching for  some  documentation  for ns-newpolicy.pl file , as per RH Doc I can  use that script to add the attribute : pwdUpdateTime to each uid  entry after I  already cfg in  DS  Password TrackUpdateTime and  pwdpolicy-  inherit -global  to 'on';

The only docs we have are the official Red Hat docs.  Here's a recap...

https://access.redhat.com/documentation/en-us/red_hat_directory_server/10/html/configuration_command_and_file_reference/core_server_configuration_reference#cnconfig-passwordTrackUpdateTime

This will start to add "pwdUpdateTime" to entries after they change their passwords, but it does not automatically add it to all existing entries.  They must change their passwords after enabling this setting for pwdUpdateTime to be set.

https://access.redhat.com/documentation/en-us/red_hat_directory_server/10/html/configuration_command_and_file_reference/core_server_configuration_reference#cnconfig-nsslapd_pwpolicy_inherit_global_Inherit_Global_Password_Policy

This setting is only used if you are using local password policies (subtree/user policies). It means it will check the global policy settings AND the local policy settings.  Otherwise only the local policy is applied.

HTH,
Mark

Thank you

Isabella

_______________________________________________  389-users mailing list -- 389-users@lists.fedoraproject.org  To unsubscribe send an email to 389-users-leave@lists.fedoraproject.org  Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/  List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines  List Archives: https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproject.org  Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure  

--   Directory Server Development Team