Directory-Based Information Services: Password Policies
This document extends Directory-Based Information Services (DBIS) described in [draft-bannister-dbis-mapping-00] to support the shadow databases. The shadow database schema SHALL be backwards compatible with the Network Information Service [NIS] but stored within [X.500] entries so that it may be resolved with the Lightweight Directory Access Protocol [RFC4510]. A shadow database extends user login accounts with credential policy data. This document represents shadow database entries as an extended set of attributes that may be applied to both passwd and group database entries for the management of consistent password policies. This document describes configuration maps [draft-bannister-dbis- mapping-00] for shadow databases, and database entries referenced by those maps.