create openldap setup utilities,

prototype ldap api interface

openldap/pass.template.ldif

@@ -0,0 +1,23 @@
+# load pw-sha2 module
+dn: cn=module{0},cn=config
+changetype: modify
+add: olcModuleLoad
+olcModuleLoad: pw-sha2.la
+olcModuleLoad: ppolicy.la
+
+# set default password hash to SSHA512
+dn: olcDatabase={-1}frontend,cn=config
+changetype: modify
+add: olcPasswordHash
+olcPasswordHash: {SSHA512}
+
+# add password policy to use SSHA512 hash
+dn: olcOverlay=ppolicy,olcDatabase={1}mdb,cn=config
+changetype: add
+objectClass: olcOverlayConfig
+objectClass: olcPPolicyConfig
+olcOverlay: ppolicy
+olcPPolicyDefault: cn=password,ou=policies,$BASE_DN
+olcPPolicyHashCleartext: TRUE
+olcPPolicyUseLockout: FALSE
+olcPPolicyForwardUpdates: FALSE