03-28-2012 03:36 PM
We have configured openldap server running on rhel5.8 with ppolicy overlay.
We would like to know the settigns that are required at HPUX ldap client side to take these passwd policy effect.
Thanks & Regards,
03-31-2012 12:09 PM
When a user is logging on to a LDAP-based account, the username and password is sent to the LDAP server for checking, and the LDAP server will decide whether to allow the user to log in or not. The checks related to the password policy are also done at the LDAP server: if the user supplied the correct password but the password is expired, the LDAP server can simply reject the login attempt, or tell the LDAP client system that the user can be allowed in but the password change procedure must be immediately started (forcing the user to change the expired password).
The LDAP client does not need to make any policy-related checks.
So, if you have successfully configured the HP-UX LDAP client to use LDAP-based user accounts, you don't have to do anything more.