Bug 28703 - ppolicy Schema einbinden
ppolicy Schema einbinden
Status: RESOLVED DUPLICATE of bug 31907
Product: UCS
Classification: Unclassified
Component: LDAP
UCS 3.0
Other Linux
: P5 enhancement (vote)
: ---
Assigned To: UCS maintainers
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2012-10-08 11:05 CEST by Tim Petersen
Modified: 2018-04-14 13:44 CEST (History)
1 user (show)

See Also:
What kind of report is it?: ---
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Ticket number:
Bug group (optional):
Max CVSS v3 score:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Tim Petersen univentionstaff 2012-10-08 11:05:30 CEST
Angefragt im Forum an Ticket #2012100121004324:
"PS: Wäre es vl möglich, das ppolicy zukünftig zu implementieren, um sagen zu können, dass zB. nach 10 Fehllogins gegen das LDAP der Account für zB. 30 Minuten gesperrt wird???"

Es geht hierbei um "include /etc/ldap/schema/ppolicy.schema"
Comment 1 Arvid Requate univentionstaff 2014-11-20 17:59:52 CET
This lockout on faild LDAP bind attempts has been implemented in UCS 4.0 by loading and configuring ppolicy accordingly, see http://sdb.univention.de/1291 (Bug 31907).

Note that the feature of automatic (timed) unlocking has not been implemented yet, as it would either require quite a bit of coordinated modifications to the different authentication services (Samba, UMC, LDAP) to make them all aware of each others specific attributes -- or alternatively it would require a cron job. The discurraging point currently is the number of different attributes and attribute semantics that each of these authentication services use. We probably want to tackle this first in a future release. Some initial thoughts about this have been proposed at Bug 35809.

*** This bug has been marked as a duplicate of bug 31907 ***