From: Pierangelo Masarati <ando@openldap.org>
Date: Mon, 28 Aug 2006 14:33:59 +0000 (+0000)
Subject: note the single-value userPassword constraint (please review)
X-Git-Tag: OPENLDAP_REL_ENG_2_3_MP~247
X-Git-Url: https://git.sur5r.net/?a=commitdiff_plain;h=92ff6afec0248fece26a78327de6f3bf7f24cdf9;p=openldap

note the single-value userPassword constraint (please review)
---

diff --git a/doc/man/man5/slapo-ppolicy.5 b/doc/man/man5/slapo-ppolicy.5
index 4f59db302f..404324ed7e 100644
--- a/doc/man/man5/slapo-ppolicy.5
+++ b/doc/man/man5/slapo-ppolicy.5
@@ -29,6 +29,12 @@ is performed with the
 .B rootdn
 identity; all the operations, when performed with any other identity,
 may be subjected to constraints, like access control.
+.P
+Note that the IETF Password Policy proposal for LDAP makes sense
+when considering a single-valued password attribute, while 
+the userPassword attribute allows multiple values.  This implementation
+enforces a single value for the userPassword attribute, despite
+its specification.
 
 .SH CONFIGURATION
 These