1Net::LDAP::Control::PasUssweorrdCPoonltirciyb(u3t)ed PerNletD:o:cLuDmAePn:t:aCtoinotnrol::PasswordPolicy(3)
2
3
4

NAME

6       Net::LDAP::Control::PasswordPolicy - LDAPv3 Password Policy control
7       object
8

SYNOPSIS

10        use Net::LDAP;
11        use Net::LDAP::Control::PasswordPolicy;
12        use Net::LDAP::Constant qw( LDAP_CONTROL_PASSWORDPOLICY );
13
14        $ldap = Net::LDAP->new( "ldap.example.com" );
15
16        $pp = Net::LDAP::Control::PasswordPolicy->new;
17
18        $mesg = $ldap->bind( "cn=Bob Smith,dc=example,dc=com",
19                             password => "secret",
20                             control => [ $pp ] );
21
22        # Get password policy response
23        my($resp)  = $mesg->control( LDAP_CONTROL_PASSWORDPOLICY );
24
25        if (defined($resp)) {
26          my $v = $resp->pp_error;
27          print "Password policy error $v\n"  if defined $v;
28          $v = $resp->time_before_expiration;
29          print "Password expires in $v second(s)\n"  if defined $v;
30        }
31

DESCRIPTION

33       "Net::LDAP::Control::PasswordPolicy" provides an interface for the
34       creation and manipulation of objects that represent
35       "PasswordPolicyRequest"s and "PasswordPolicyResponse"s as described by
36       draft-behera-password-policy-09.
37
38       This control can be passed to most operations, including the bind.
39

CONSTRUCTOR ARGUMENTS

41       There are no constructor arguments other than those provided by
42       Net::LDAP::Control.
43

METHODS

45       time_before_expiration
46           If defined, this is an integer value holding the time left in
47           seconds before the account's password will expire.
48
49       grace_authentications_remaining
50           If defined, this is an integer value holding the number of
51           authentication requests allowed before the account is locked.
52
53       pp_error
54           If defined, this contains a more detailed error code for the
55           account.  See Net::LDAP::Constant for definitions of each.  Values
56           can include:
57
58           LDAP_PP_PASSWORD_EXPIRED
59           LDAP_PP_ACCOUNT_LOCKED
60           LDAP_PP_CHANGE_AFTER_RESET
61           LDAP_PP_PASSWORD_MOD_NOT_ALLOWED
62           LDAP_PP_MUST_SUPPLY_OLD_PASSWORD
63           LDAP_PP_INSUFFICIENT_PASSWORD_QUALITY
64           LDAP_PP_PASSWORD_TOO_SHORT
65           LDAP_PP_PASSWORD_TOO_YOUNG
66           LDAP_PP_PASSWORD_IN_HISTORY
67

SEE ALSO

69       Net::LDAP, Net::LDAP::Control, Net::LDAP::Constant,
70       draft-behera-ldap-password-policy-09.txt
71

AUTHOR

73       Chris Ridd <chris.ridd@isode.com>
74
75       Please report any bugs, or post any suggestions, to the perl-ldap
76       mailing list <perl-ldap@perl.org>
77
79       Copyright (c) 2008 Chris Ridd. All rights reserved. This program is
80       free software; you can redistribute it and/or modify it under the same
81       terms as Perl itself.
82
83
84
85perl v5.36.0                      2023-01-N2e4t::LDAP::Control::PasswordPolicy(3)
Impressum