2024-03-28 23:22:25 +00:00
|
|
|
# load modules: pw-sha2, ppolicy, memberof
|
2024-03-28 21:28:27 +00:00
|
|
|
dn: cn=module{0},cn=config
|
|
|
|
|
changetype: modify
|
|
|
|
|
add: olcModuleLoad
|
|
|
|
|
olcModuleLoad: pw-sha2.la
|
|
|
|
|
olcModuleLoad: ppolicy.la
|
2024-03-28 23:22:25 +00:00
|
|
|
olcModuleLoad: memberof.la
|
2024-03-28 21:28:27 +00:00
|
|
|
|
|
|
|
|
# set default password hash to SSHA512
|
|
|
|
|
dn: olcDatabase={-1}frontend,cn=config
|
|
|
|
|
changetype: modify
|
|
|
|
|
add: olcPasswordHash
|
|
|
|
|
olcPasswordHash: {SSHA512}
|
|
|
|
|
|
|
|
|
|
# add password policy to use SSHA512 hash
|
|
|
|
|
dn: olcOverlay=ppolicy,olcDatabase={1}mdb,cn=config
|
|
|
|
|
changetype: add
|
|
|
|
|
objectClass: olcOverlayConfig
|
|
|
|
|
objectClass: olcPPolicyConfig
|
|
|
|
|
olcOverlay: ppolicy
|
|
|
|
|
olcPPolicyDefault: cn=password,ou=policies,$BASE_DN
|
|
|
|
|
olcPPolicyHashCleartext: TRUE
|
|
|
|
|
olcPPolicyUseLockout: FALSE
|
|
|
|
|
olcPPolicyForwardUpdates: FALSE
|
2024-03-28 23:22:25 +00:00
|
|
|
|
|
|
|
|
# add memberof policy
|
|
|
|
|
dn: olcOverlay=memberof,olcDatabase={1}mdb,cn=config
|
|
|
|
|
changetype: add
|
|
|
|
|
objectClass: olcOverlayConfig
|
|
|
|
|
objectClass: olcMemberOf
|
|
|
|
|
olcOverlay: memberof
|
|
|
|
|
olcMemberOfDangling: ignore
|
|
|
|
|
olcMemberOfRefInt: TRUE
|
|
|
|
|
olcMemberOfGroupOC: groupOfNames
|
|
|
|
|
olcMemberOfMemberAD: member
|
|
|
|
|
olcMemberOfMemberOfAD: memberOf
|
