Net::LDAP::Control::PasswordPolicy − LDAPv3 Password Policy control object
use Net::LDAP;
use Net::LDAP::Control::PasswordPolicy;
use Net::LDAP::Constant qw( LDAP_CONTROL_PASSWORDPOLICY );
$ldap = Net::LDAP−>new(
"ldap.example.com" );
$pp = Net::LDAP::Control::PasswordPolicy−>new;
$mesg = $ldap−>bind( "cn=Bob
Smith,dc=example,dc=com",
password => "secret",
control => [ $pp ] );
# Get password policy response
my($resp) = $mesg−>control(
LDAP_CONTROL_PASSWORDPOLICY );
if (defined($resp)) {
my $v = $resp−>pp_error;
print "Password policy error $v\n" if defined $v;
$v = $resp−>time_before_expiration;
print "Password expires in $v second(s)\n" if
defined $v;
}
"Net::LDAP::Control::PasswordPolicy" provides an interface for the creation and manipulation of objects that represent "PasswordPolicyRequest"s and "PasswordPolicyResponse"s as described by draft−behera−password−policy−09.
This control can be passed to most operations, including the bind.
There are no constructor arguments other than those provided by Net::LDAP::Control.
time_before_expiration
If defined, this is an integer value holding the time left in seconds before the account’s password will expire.
grace_authentications_remaining
If defined, this is an integer value holding the number of authentication requests allowed before the account is locked.
pp_error
If defined, this contains a
more detailed error code for the account. See
Net::LDAP::Constant for definitions of each. Values can
include:
LDAP_PP_PASSWORD_EXPIRED
LDAP_PP_ACCOUNT_LOCKED
LDAP_PP_CHANGE_AFTER_RESET
LDAP_PP_PASSWORD_MOD_NOT_ALLOWED
LDAP_PP_MUST_SUPPLY_OLD_PASSWORD
LDAP_PP_INSUFFICIENT_PASSWORD_QUALITY
LDAP_PP_PASSWORD_TOO_SHORT
LDAP_PP_PASSWORD_TOO_YOUNG
LDAP_PP_PASSWORD_IN_HISTORY
Net::LDAP, Net::LDAP::Control, Net::LDAP::Constant, draft−behera−ldap−password−policy−09.txt
Chris Ridd <[email protected]>
Please report any bugs, or post any suggestions, to the perl-ldap mailing list <perl−[email protected]>
Copyright (c) 2008 Chris Ridd. All rights reserved. This program is free software; you can redistribute it and/or modify it under the same terms as Perl itself.