I have implemented openldap in centos 6, I want to push password change policy at first login. Which pwdPolicy ObjectClass and Attributes can accomplish this task ?
# MyOrgPPolicy, Policies, eostest.com
dn: cn=MyOrgPPolicy,ou=Policies,dc=eostest,dc=com
cn: MyOrgPPolicy
pwdInHistory: 4
pwdMinLength: 9
pwdFailureCountInterval: 0
objectClass: pwdPolicy
objectClass: device
objectClass: top
objectClass: pwdPolicyChecker
pwdMustChange: TRUE
pwdMaxFailure: 3
pwdCheckQuality: 1
pwdAllowUserChange: TRUE
pwdAttribute: userPassword
pwdLockout: TRUE
pwdSafeModify: FALSE
pwdExpireWarning: 1
pwdGraceAuthNLimit: 5
pwdLockoutDuration: 60
pwdMaxAge: 2592000
pwdMinAge: 300
pwdCheckModule: pwcheck.la