Univention Bugzilla – Bug 28703
ppolicy Schema einbinden
Last modified: 2018-04-14 13:44:03 CEST
Angefragt im Forum an Ticket #2012100121004324: "PS: Wäre es vl möglich, das ppolicy zukünftig zu implementieren, um sagen zu können, dass zB. nach 10 Fehllogins gegen das LDAP der Account für zB. 30 Minuten gesperrt wird???" Es geht hierbei um "include /etc/ldap/schema/ppolicy.schema"
This lockout on faild LDAP bind attempts has been implemented in UCS 4.0 by loading and configuring ppolicy accordingly, see http://sdb.univention.de/1291 (Bug 31907). Note that the feature of automatic (timed) unlocking has not been implemented yet, as it would either require quite a bit of coordinated modifications to the different authentication services (Samba, UMC, LDAP) to make them all aware of each others specific attributes -- or alternatively it would require a cron job. The discurraging point currently is the number of different attributes and attribute semantics that each of these authentication services use. We probably want to tackle this first in a future release. Some initial thoughts about this have been proposed at Bug 35809. *** This bug has been marked as a duplicate of bug 31907 ***