[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Help with password policy
- To: Gabriella Turek <Gabriella.Turek@niwa.co.nz>
- Subject: Re: Help with password policy
- From: Clément OUDOT <clem.oudot@gmail.com>
- Date: Thu, 29 Mar 2012 09:14:36 +0200
- Cc: "openldap-technical@openldap.org" <openldap-technical@openldap.org>
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:content-transfer-encoding; bh=GM2ojqK13olpZgqiknClGhClVpoLyOqnjVaFL1UEieU=; b=AIZmbuhNWO3yps5yfxN7lW4V+rUl0Wx/CqjSv6C/PA+ZJCdAs7WWjq2TbGtVIQO0aY dxzCr6s/3ncqm1RvLvQlUVRBaH5u1aI7bcuFHZLytsv2LX1ZuPvxlAZhI2nRNDXsT6AI 0l/KReNmp0jZxk3f+olPuFPLOySWFasjd+XDRWiG2ZaHzmx11qD6UQpVIB5emUC2Hrhd 4Nyk4sTtmrPLoNMgFZ2RFyUdjIPCbigoM8TQyQNBBbw5ZdvllGRqUXWZVvrtR9bkGlNX zK1ozR7XRxvsa2bkn+Ai6iD9YpDGLl2Gly5MKaPGtgQtO7ZdcTYU9a0cJ9zkZppOlIyW 3PCA==
- In-reply-to: <CB9A3460.4D10%g.turek@niwa.co.nz>
- References: <CB9A3460.4D10%g.turek@niwa.co.nz>
Le 29 mars 2012 04:46, Gabriella Turek <Gabriella.Turek@niwa.co.nz> a écrit :
> Setup: OpenLDAP 2.4 SUSE SLES11, chaining (read only) to an AD directory
>
> I've set up a simple default pwd policy and configured it in slapd.conf:
>
> - Included the schema /etc/openldap/schema/ppolicy.schema
>
> - Under my db configuration added the entries
> overlay ppolicy
> ppolicy_default "cn=default,ou=pwpolicies,dc=niwa,dc=local"
>
> - The policy is simply:
> dn: cn=default,ou=pwpolicies,dc=example,dc=com
> cn: default
> …..
> pwdMinLength: 8
> pwdAllowUserChange: TRUE
>
> But when I run tests with too short a password the password still gets
> changed. No error messages.
Hi,
this can happen if:
* your are changing the password as rootdn (rootdn bypass password policy)
* you are changing the password by giving the SSHA value, which is
bigger than 8 characters
Clément.