On Thu, 2 Jun 2005 Martin.Ward@uk.neceur.com wrote:
Hi all,
I am using freeradius to talk to an OpenLDAP server to validate passwords. This all works fine and dandy. If the user enters the right password they get in, if they enter the wrong password the don't.
However, I can't find a way of locking out the user if they enter an invalid password three times in a row. I've trolled through the LDAP stuff but can't find anything in there. Is there a way I can create a password policy to do this?
If you are just doing a bind to the ldap server for authentication, then, I think openldap is working on a password policy overlay that might get you what you want. I believe its only working on non-production versions right now. Not positive about that, but I remember a similar question to this in their mailing list. You may want to post your question to the openldap mailling list or search the archives of it.