3 Replies Latest reply on Nov 11, 2019 4:54 PM by user464986

    Passord policy used by a user in OUD

    3923566

      Hi All, I would like to know the ldap command for look for "Password policy used by a user in OUD". Basically I need to know what is the policy-name for a OUD user by providing the --targetDN

       

      Thanks.

        • 1. Re: Passord policy used by a user in OUD
          IDAM_EUS

          Typically it's assigned using ds-pwp-password-policy-dn.

           

          Can you search for this attribute.

           

           

          dn: cn=eusadmin,cn=OracleContext

          changetype: add

          objectclass: inetorgperson

          cn: eusadmin

          sn: eusadmin

          uid: eusadmin

          userpassword: <Desired_Password>

          ds-pwp-password-policy-dn: cn= Mapping Admin Password Policy,cn=Password Policies,cn=config

          • 2. Re: Passord policy used by a user in OUD
            3923566

            ldapsearch comes empty for this? iS so, does it mean it is using default password policy?

            • 3. Re: Passord policy used by a user in OUD
              user464986

              It is an operational attribute.  You can see it , but you have to specifically ask for it.

               

              I'm using the ldapsearch syntax for the OpenLDAP ldapseach command:

               

              ldapsearch -x -LLL -h ldap1.acme.com -p 389 -D cn=oudadmin -W -Z -b cn=users,dc=jmu,dc=edu "(cn=user1)" ds-pwp-password-policy-dn

               

              or you can list all operational attributes:

               

              ldapsearch -x -LLL -h ldap1.acme.com -p 389 -D cn=oudadmin -W -Z -b cn=users,dc=jmu,dc=edu "(cn=user1)" "+"

               

              or all normal and operational attributes:

               

              ldapsearch -x -LLL -h ldap1.acme.com -p 389 -D cn=oudadmin -W -Z -b cn=users,dc=jmu,dc=edu "(cn=user1)" "*" "+"