[sork] Configuration problem with sork
Michel Bulgado
michel at casa.co.cu
Mon Aug 31 18:55:09 UTC 2009
On Mon, 2009-08-31 at 12:57 -0500, Eric Jon Rostetter wrote:
> Quoting michel at casa.co.cu:
>
> > I am interested in achieving the same goal, that my users can change
> > their passwords in the Windows Active Directory, I think it is more
> [...]
> > 'password policy' => array(
> > 'minLength' => 3,
> > 'maxLength' => 6
>
> Make sure your AD will accept password which are only 3-6 characters longer
> (maybe its policy is to require >6 characters?)
>
> > ),
> > 'driver' => 'ldap',
> > 'params' => array(
> > 'host' => 'ldap.home.com',
> > 'port' => 389,
>
> Add sslhost, since most AD implementations require SSL connections.
>
> > I tried changing the port for "636" , using directive "sslhost".
> > using ldapsearch for test my settings to get dn from active
> > directory and work fine.
>
> Add sslhost, but leave port as is, and test...
>
> > suggestions?
>
> Only above, but I'm hoping others will chime in with more...
my config
$backends['ldap'] = array(
'name' => 'LDAP Server',
'preferred' => 'home.com',
'password policy' => array(
'minLength' => 3,
'maxLength' => 8
),
'driver' => 'ldap',
'params' => array(
'host' => '192.168.25.26',
'sslhost' => '192.168.25.26',
'port' => 389,
'basedn' => 'ou=HOME,dc=home,dc=com',
'uid' => 'sAMAccountName',
// these attributes will enable shadow password policies.
// 'shadowlastchange' => 'shadowlastchange',
// 'shadowmin' => 'shadowmin',
// this will be appended to the username when looking for the
userdn.
'realm' => 'home.com',
'encryption' => 'msad',
// make sure the host == cn in the server certificate
'tls' => false
)
);
I test i dont work.
Greetings
Michel
More information about the sork
mailing list