This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

LDAP schema - extending schema necessary?

Hi!

We have a customer who would like to implement SSPR against AD. But they do not want to extend schema.

Based on documentations it looks like LDAP schema extension is only needed for storing challenge-response information:

https://www.netiq.com/documentation/self-service-password-reset-45/sspr-install/data/b1l54no8.html#c41dire1y

https://www.netiq.com/documentation/self-service-password-reset-45/sspr-install/data/b1l5kpc7.html

But looking at schema file there are attributes that could mean schema extension is also needed for other stuff, like pwmEventLog, pwmLastPwdUpdate, pwmGUID and pwmData.

Since customer will use remote database for challenge-response storage, is LDAP schema extension still needed? Will SSPR work without it?

Kind regards,

Sebastijan

Kind regards,

Sebastijan

If you found this post useful, give it a “Like” or click on "Verify Answer" under the "More" button

Tags: