Net::LDAP::Control::PasswordPolicy

Section: User Contributed Perl Documentation (3)
Updated: 2021-02-16
Page Index
 

NAME

Net::LDAP::Control::PasswordPolicy - LDAPv3 Password Policy control object  

SYNOPSIS

 use Net::LDAP;
 use Net::LDAP::Control::PasswordPolicy;
 use Net::LDAP::Constant qw( LDAP_CONTROL_PASSWORDPOLICY );

 $ldap = Net::LDAP->new( "ldap.example.com" );

 $pp = Net::LDAP::Control::PasswordPolicy->new;

 $mesg = $ldap->bind( "cn=Bob Smith,dc=example,dc=com",
                      password => "secret",
                      control => [ $pp ] );

 # Get password policy response
 my($resp)  = $mesg->control( LDAP_CONTROL_PASSWORDPOLICY );

 if (defined($resp)) {
   my $v = $resp->pp_error;
   print "Password policy error $v\n"  if defined $v;
   $v = $resp->time_before_expiration;
   print "Password expires in $v second(s)\n"  if defined $v;
 }
 

DESCRIPTION

"Net::LDAP::Control::PasswordPolicy" provides an interface for the creation and manipulation of objects that represent "PasswordPolicyRequest"s and "PasswordPolicyResponse"s as described by draft-behera-password-policy-09.

This control can be passed to most operations, including the bind.  

CONSTRUCTOR ARGUMENTS

There are no constructor arguments other than those provided by Net::LDAP::Control.  

METHODS

time_before_expiration
If defined, this is an integer value holding the time left in seconds before the account's password will expire.
grace_authentications_remaining
If defined, this is an integer value holding the number of authentication requests allowed before the account is locked.
pp_error
If defined, this contains a more detailed error code for the account. See Net::LDAP::Constant for definitions of each. Values can include:
LDAP_PP_PASSWORD_EXPIRED
LDAP_PP_ACCOUNT_LOCKED
LDAP_PP_CHANGE_AFTER_RESET
LDAP_PP_PASSWORD_MOD_NOT_ALLOWED
LDAP_PP_MUST_SUPPLY_OLD_PASSWORD
LDAP_PP_INSUFFICIENT_PASSWORD_QUALITY
LDAP_PP_PASSWORD_TOO_SHORT
LDAP_PP_PASSWORD_TOO_YOUNG
LDAP_PP_PASSWORD_IN_HISTORY
 

SEE ALSO

Net::LDAP, Net::LDAP::Control, Net::LDAP::Constant, draft-behera-ldap-password-policy-09.txt  

AUTHOR

Chris Ridd <chris.ridd@isode.com>

Please report any bugs, or post any suggestions, to the perl-ldap mailing list <perl-ldap@perl.org>  

COPYRIGHT

Copyright (c) 2008 Chris Ridd. All rights reserved. This program is free software; you can redistribute it and/or modify it under the same terms as Perl itself.

 

Index

NAME
SYNOPSIS
DESCRIPTION
CONSTRUCTOR ARGUMENTS
METHODS
SEE ALSO
AUTHOR
COPYRIGHT