LDAP Password Policy

Setting password policy

Netscape V4.x

password policy is set in slapd.conf

eg to change password storage scheme from SHA (default) to crypt (unix compatible)

change the line
pw_storagescheme SHA to pw_storagescheme crypt

Netscape V5.x

In the directory server console, select the configuration tab and then the data node. Various password policies can be applied here, including encryption algorithms and password expirations.

Converting passwords into correct format

When a directory servers has been setup there is a script called getpwenc that can be used to convert passwords into the correct format

/var/ds5/slapd-/getpwenc

Where storagescheme is one of SSHA, SHA, crypt or clear.