diff --git a/INSTALL.md b/INSTALL.md index 58bd946..319d7f2 100644 --- a/INSTALL.md +++ b/INSTALL.md @@ -103,7 +103,7 @@ adding new entry "cn=default,ou=policies,dc=example,dc=com" You can change password policies like pwdMinLength, pwdMaxFailure, pwdMaxAge, etc. and all organizationalUnits (and therefore, their users) will be affected by default unless configured otherwise. \ \ -In order to enforce our password configuration we need something to control. +In order to enforce our password configuration we need something to control. This is a short example. Create the an organizationalUnit: ``` root@example:/# cat > create_ou.ldif << EOF @@ -122,9 +122,10 @@ Create a password hash for the new user marisa root@example:/# slappasswd -s qwerty {SSHA}fgEXXr2J08jTVfgyOnkRL2I1JNL4Bp5V ``` -Copy-paste all this attributes after the command, remember to write down the hashed password correctly. Once the entry has been added, go back to shell with CTRL+C. + +Create the new user marisa that will belong to organizationalUnit Supergirls ``` -root@example:/# ldapadd -x -D "cn=admin,dc=example,dc=com" -w admin -H ldapi:/// +root@example:/# cat > create_user.ldif << EOF dn: uid=marisa,ou=Supergirls,dc=example,dc=com objectClass: inetOrgPerson objectClass: posixAccount @@ -139,11 +140,14 @@ homeDirectory: /home/marisa loginShell: /bin/bash userPassword: {SSHA}fgEXXr2J08jTVfgyOnkRL2I1JNL4Bp5V mail: marisa@example.com - -adding new entry "uid=marisa,ou=Supergirls,dc=example,dc=com" -^C +EOF ``` -marisa and all users added to Supergirls will respect the password default policies, you can check it out, example: +``` +root@example:/etc/ldap/slapd.d# ldapadd -x -D "cn=admin,dc=example,dc=com" -w Op3nLd4p! -H ldapi:/// -f create_user.ldif +adding new entry "uid=marisa,ou=Supergirls,dc=example,dc=com" +``` + +User marisa and all that are added to Supergirls will respect the password default policies, you can check it out, example: ``` root@example:/# ldappasswd -x -w qwerty -H ldapi:/// -D "uid=marisa,ou=Supergirls,dc=example,dc=com" -s marisakirisame Result: Constraint violation (19)