From 92ff6afec0248fece26a78327de6f3bf7f24cdf9 Mon Sep 17 00:00:00 2001 From: Pierangelo Masarati Date: Mon, 28 Aug 2006 14:33:59 +0000 Subject: [PATCH] note the single-value userPassword constraint (please review) --- doc/man/man5/slapo-ppolicy.5 | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/doc/man/man5/slapo-ppolicy.5 b/doc/man/man5/slapo-ppolicy.5 index 4f59db302f..404324ed7e 100644 --- a/doc/man/man5/slapo-ppolicy.5 +++ b/doc/man/man5/slapo-ppolicy.5 @@ -29,6 +29,12 @@ is performed with the .B rootdn identity; all the operations, when performed with any other identity, may be subjected to constraints, like access control. +.P +Note that the IETF Password Policy proposal for LDAP makes sense +when considering a single-valued password attribute, while +the userPassword attribute allows multiple values. This implementation +enforces a single value for the userPassword attribute, despite +its specification. .SH CONFIGURATION These