ProxmoxAAS-LDAP/openldap/pass.template.ldif

# load pw-sha2 module
dn: cn=module{0},cn=config
changetype: modify
add: olcModuleLoad
olcModuleLoad: pw-sha2.la
olcModuleLoad: ppolicy.la

# set default password hash to SSHA512
dn: olcDatabase={-1}frontend,cn=config
changetype: modify
add: olcPasswordHash
olcPasswordHash: {SSHA512}

# add password policy to use SSHA512 hash
dn: olcOverlay=ppolicy,olcDatabase={1}mdb,cn=config
changetype: add
objectClass: olcOverlayConfig
objectClass: olcPPolicyConfig
olcOverlay: ppolicy
olcPPolicyDefault: cn=password,ou=policies,$BASE_DN
olcPPolicyHashCleartext: TRUE
olcPPolicyUseLockout: FALSE
olcPPolicyForwardUpdates: FALSE
create openldap setup utilities, prototype ldap api interface 2023-11-16 22:41:38 +00:00			`# load pw-sha2 module`
			`dn: cn=module{0},cn=config`
			`changetype: modify`
			`add: olcModuleLoad`
			`olcModuleLoad: pw-sha2.la`
			`olcModuleLoad: ppolicy.la`

			`# set default password hash to SSHA512`
			`dn: olcDatabase={-1}frontend,cn=config`
			`changetype: modify`
			`add: olcPasswordHash`
			`olcPasswordHash: {SSHA512}`

			`# add password policy to use SSHA512 hash`
			`dn: olcOverlay=ppolicy,olcDatabase={1}mdb,cn=config`
			`changetype: add`
			`objectClass: olcOverlayConfig`
			`objectClass: olcPPolicyConfig`
			`olcOverlay: ppolicy`
			`olcPPolicyDefault: cn=password,ou=policies,$BASE_DN`
			`olcPPolicyHashCleartext: TRUE`
			`olcPPolicyUseLockout: FALSE`
			`olcPPolicyForwardUpdates: FALSE`