From 9fcb15e18f21acf3fef0fb59dccc3fa0dd37efd4 Mon Sep 17 00:00:00 2001
From: Scott Little <scott.little@windriver.com>
Date: Mon, 2 Oct 2017 17:11:22 -0400
Subject: [PATCH] WRS: openldap-enable-password-policy.patch

---
 SPECS/openldap.spec | 18 ++++++++++++------
 1 file changed, 12 insertions(+), 6 deletions(-)

diff --git a/SPECS/openldap.spec b/SPECS/openldap.spec
index 66a1377..468ca0e 100644
--- a/SPECS/openldap.spec
+++ b/SPECS/openldap.spec
@@ -71,6 +71,9 @@ Patch101: openldap-tlsmc.patch
 # Fedora specific patches
 Patch102: openldap-fedora-systemd.patch
 
+# WRS specific patches
+Patch200: rootdn-should-not-bypass-ppolicy.patch
+
 BuildRequires: cyrus-sasl-devel, nss-devel, openssl-devel, krb5-devel, tcp_wrappers-devel, unixODBC-devel
 BuildRequires: glibc-devel, libtool, libtool-ltdl-devel, groff, perl, perl-devel, perl(ExtUtils::Embed)
 Requires: nss-tools
@@ -190,6 +193,9 @@ AUTOMAKE=%{_bindir}/true autoreconf -fi
 
 %patch102 -p1
 
+# WRS
+%patch200 -p1
+
 # build smbk5pwd with other overlays
 ln -s ../../../contrib/slapd-modules/smbk5pwd/smbk5pwd.c servers/slapd/overlays
 mv contrib/slapd-modules/smbk5pwd/README contrib/slapd-modules/smbk5pwd/README.smbk5pwd
@@ -312,12 +318,12 @@ install -d -m 740 %{buildroot}%{_sysconfdir}/openldap
 cat > %{buildroot}%{_sysconfdir}/openldap/check_password.conf <<EOF
 # OpenLDAP pwdChecker library configuration
 
-#useCracklib 1
-#minPoints 3
-#minUpper 0
-#minLower 0
-#minDigit 0
-#minPunct 0
+useCracklib 1
+minPoints 4
+minUpper 1
+minLower 1
+minDigit 1
+minPunct 1
 EOF
 mv README{,.check_pwd}
 popd
-- 
2.7.4