Thank you, so the steps to have this attribute cfg and with set value for each user are :
- In DS cfg add attriute PasswordTrackUpddateTime to on, nsslapd-policy-local to on and nsslapd-pwpolicy-inherit –global to on
- Have users chage their passwd
- The uid entries wtill display the new attribute :PasswordTrackUpdateTime with time stamp value
Is this sufficient to have this attribute populate for each DS entry ?
Do I still need to run this ns-newpolicy.pl script ?
If affirmative, I would like to learn when and what arguments must provide at run time ?
***ATTENTION*** This email originated from outside of the NRC. ***ATTENTION*** Ce courriel provient de l'extérieur du CNRC
On 9/17/21 4:46 PM, Ghiurea, Isabella wrote:
I am searching for some documentation for ns-newpolicy.pl file , as per RH Doc I can use that script to add the attribute : pwdUpdateTime to each uid entry after I already cfg in DS Password TrackUpdateTime and pwdpolicy- inherit -global to ‘on’;
The only docs we have are the official Red Hat docs. Here's a recap...
This will start to add "pwdUpdateTime" to entries after they change their passwords, but it does not automatically add it to all existing entries. They must change their passwords after enabling this setting for pwdUpdateTime to be set.
This setting is only used if you are using local password policies (subtree/user policies). It means it will check the global policy settings AND the local policy settings. Otherwise only the local policy is applied.
_______________________________________________389-users mailing list -- firstname.lastname@example.orgTo unsubscribe send an email to email@example.comFedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelinesDo not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Directory Server Development Team