
I am new to LDAP, and I want to add a password policy using the class pwdpolicy, but every time I get the error:

ERR_04269 OBJECT_CLASS for OID pwdpolicy does not exist!

Here is how I try to add it:

dn: cn=Default Password Policy,ou=pwpolicies,dc=example,dc=com
objectClass: top
objectClass: device
objectClass: pwdPolicy
cn:Default Password Policy
pwdAttribute: userPassword
pwdMaxAge: 7776002
pwdExpireWarning: 432000
pwdInHistory: 3
pwdCheckQuality: 1
pwdMinLength: 8
pwdMaxFailure: 5
pwdLockout: TRUE
pwdLockoutDuration: 900
pwdGraceAuthNLimit: 0
pwdFailureCountInterval: 0
pwdMustChange: TRUE
pwdAllowUserChange: TRUE
pwdSafeModify: FALSE

I changed the slapd.conf in WorkspaceLDAP\openldap\servers\slapd; maybe I configured the wrong slapd file.

Here is my slapd.conf:

include         %SYSCONFDIR%/schema/core.schema
include         @SCHEMADIR@/core.schema
include         @SCHEMADIR@/cosine.schema
include         @SCHEMADIR@/inetorgperson.schema
include         @SCHEMADIR@/rfc2307bis.schema
include         @SCHEMADIR@/yast.schema


pidfile     %LOCALSTATEDIR%/run/slapd.pid
argsfile    %LOCALSTATEDIR%/run/slapd.args



#######################################################################
# BDB database definitions
#######################################################################

database    mdb
maxsize     1073741824
suffix      "dc=example,dc=com"
checkpoint      1024
cachesize       10000
rootdn      "cn=Administrator,dc=example,dc=com"
rootpw      secret
directory   %LOCALSTATEDIR%/openldap-data
# Indices to maintain
index   objectClass eq
overlay ppolicy
ppolicy_default "cn=Default Password Policy,ou=pwpolicies,dc=example,dc=com"
ppolicy_hash_cleartext
ppolicy_use_lockout

Can I somehow check which slapd file my server is using, or whether the configuration is correct?

Kamill

1 Answer


You have to add and configure the ppolicy overlay in slapd.conf or your online configuration, whichever you're using.

user207421
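A static check for the pieces the answer refers to, written as an added example (not code from the question or the answer): it parses slapd.conf text and reports whether the ppolicy overlay, a `ppolicy_default` entry under a configured suffix, and the ppolicy schema include are present, and whether `rootpw` is stored unhashed. It assumes OpenLDAP 2.4, where the pwdPolicy object class is defined in ppolicy.schema; `check_ppolicy`, `directives` and the finding codes are names made up for this example.

```python
import re

# Constructed sample: the policy-relevant directives from the slapd.conf in the question.
SAMPLE_CONF = """\
include         @SCHEMADIR@/core.schema
database    mdb
suffix      "dc=example,dc=com"
rootpw      secret
overlay ppolicy
ppolicy_default "cn=Default Password Policy,ou=pwpolicies,dc=example,dc=com"
"""

def directives(text):
    """Yield (keyword, args) per logical line; a line starting with whitespace continues the previous one."""
    logical = []
    for raw in text.splitlines():
        if not raw.strip() or raw.startswith("#"):
            continue  # blank line or comment
        if raw[0].isspace() and logical:
            logical[-1] += " " + raw.strip()
        else:
            logical.append(raw.strip())
    for line in logical:
        parts = line.split(None, 1) + [""]
        yield parts[0].lower(), parts[1].strip().strip('"')

def check_ppolicy(text):
    """Return finding codes for the password-policy setup in slapd.conf text (OpenLDAP 2.4 assumed)."""
    norm = lambda dn: re.sub(r"\s*,\s*", ",", dn.lower())  # simplistic DN normalisation
    has_schema = overlay = False
    suffixes, default_dn, findings = [], None, []
    for key, args in directives(text):
        if key == "include" and re.search(r"(^|[\\/])ppolicy\.schema$", args):
            has_schema = True  # assumption: 2.4 defines pwdPolicy in ppolicy.schema
        elif key == "suffix":
            suffixes.append(norm(args))
        elif key == "overlay" and args.split()[:1] == ["ppolicy"]:
            overlay = True
        elif key == "ppolicy_default":
            default_dn = norm(args)
        elif key == "rootpw" and not args.startswith("{"):
            findings.append("cleartext-rootpw")  # no {SCHEME} prefix, so not hashed
    outside = default_dn is not None and not any(default_dn.endswith(s) for s in suffixes)
    findings += [code for bad, code in [
        (not has_schema, "missing-ppolicy-schema"),
        (not overlay, "missing-ppolicy-overlay"),
        (default_dn is None, "missing-ppolicy_default"),
        (outside, "ppolicy_default-outside-suffix")] if bad]
    return findings
```

On the constructed sample, `check_ppolicy(SAMPLE_CONF)` returns `['cleartext-rootpw', 'missing-ppolicy-schema']`.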