# Net::LDAP::Control::PasswordPolicy - phpMan

## NAME
    [Net::LDAP::Control::PasswordPolicy] - LDAPv3 Password Policy control
    object

## SYNOPSIS
     use [Net::LDAP];
     use [Net::LDAP::Control::PasswordPolicy];
     use [Net::LDAP::Constant] qw( LDAP_CONTROL_PASSWORDPOLICY );

     $ldap = [Net::LDAP]->new( "ldap.example.com" );

     $pp = [Net::LDAP::Control::PasswordPolicy]->new;

     $mesg = $ldap->bind( "cn=Bob Smith,dc=example,dc=com",
                          password => "secret",
                          control => [ $pp ] );

     # Get password policy response
     my($resp)  = $mesg->control( LDAP_CONTROL_PASSWORDPOLICY );

     if (defined($resp)) {
       my $v = $resp->pp_error;
       print "Password policy error $v\n"  if defined $v;
       $v = $resp->time_before_expiration;
       print "Password expires in $v second(s)\n"  if defined $v;
     }

## DESCRIPTION
    "[Net::LDAP::Control::PasswordPolicy]" provides an interface for the
    creation and manipulation of objects that represent
    "PasswordPolicyRequest"s and "PasswordPolicyResponse"s as described by
    draft-behera-password-policy-09.

    This control can be passed to most operations, including the bind.

## CONSTRUCTOR ARGUMENTS
    There are no constructor arguments other than those provided by
    [Net::LDAP::Control].

## METHODS
    time_before_expiration
        If defined, this is an integer value holding the time left in
        seconds before the account's password will expire.

    grace_authentications_remaining
        If defined, this is an integer value holding the number of
        authentication requests allowed before the account is locked.

    pp_error
        If defined, this contains a more detailed error code for the
        account. See [Net::LDAP::Constant] for definitions of each. Values can
        include:

        LDAP_PP_PASSWORD_EXPIRED
        LDAP_PP_ACCOUNT_LOCKED
        LDAP_PP_CHANGE_AFTER_RESET
        LDAP_PP_PASSWORD_MOD_NOT_ALLOWED
        LDAP_PP_MUST_SUPPLY_OLD_PASSWORD
        LDAP_PP_INSUFFICIENT_PASSWORD_QUALITY
        LDAP_PP_PASSWORD_TOO_SHORT
        LDAP_PP_PASSWORD_TOO_YOUNG
        LDAP_PP_PASSWORD_IN_HISTORY

## SEE ALSO
    [Net::LDAP], [Net::LDAP::Control], [Net::LDAP::Constant],
    draft-behera-ldap-password-policy-09.txt

## AUTHOR
    Chris Ridd <<chris.ridd@isode.com>>

    Please report any bugs, or post any suggestions, to the perl-ldap
    mailing list <<perl-ldap@perl.org>>

## COPYRIGHT
    Copyright (c) 2008 Chris Ridd. All rights reserved. This program is free
    software; you can redistribute it and/or modify it under the same terms
    as Perl itself.