| |
Request Control |
|
|
Subject: Request Control
Author: SteveHB
In response to: LDAP Password Policy -- draft-behera-ldap-password-policy-10.txt
Posted on: 02/16/2010 09:18:55 PM
This control MAY be sent with any LDAP request message (not just bindRequest) in order to convey to the server that this client is aware of, and can process the response control described in this document. When a server receives this control, it will return the response control when appropriate and with the proper data.
The controlType is 1.3.6.1.4.1.42.2.27.8.5.1
The criticality may be TRUE or FALSE
There is no controlValue
>
> On 02/16/2010 08:53:40 PM SteveHB wrote:
http://tools.ietf.org/html/draft-behera-ldap-password-policy-10
Password policy as described in this document is a set of rules that
controls how passwords are used and administered in Lightweight
Directory Access Protocol (LDAP) based directories. In order to
improve the security of LDAP directories and make it difficult for
password cracking programs to break into directories, it is desirable
to enforce a set of rules on password usage. These rules are made to
ensure that users change their passwords periodically, passwords meet
construction requirements, the re-use of old password is restricted,
and to deter password guessing attacks.
The older version of Password Policy can be found as below:
http://tools.ietf.org/html/draft-vchu-ldap-pwd-policy-00
where Netscape LDAP Password Policy Controls PasswordExpiredControl(OID:2.16.840.1.113730.3.4.4), and PasswordExpiringControl(OID:2.16.840.1.113730.3.4.5) are specified.
References:
|
|
|
|
