[Date Prev][Date Next] [Chronological] [Thread] [Top]

password policy error: Password policy only allows one password value

Hi,

I activated the password policy overlay but every time I try to update the 
password using ldappassw I get this error message:

  SASL/EXTERNAL authentication started
  SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
  SASL SSF: 0
  Result: Constraint violation (19)
  Additional info: Password policy only allows one password value

The user account has it attribute pwdPolicySubentry set to the policy listed 
below. The original account had multiple userPassword values with different 
hashes but I deleting every attribute userPassword but the last one didn't 
help. Deleting all userPassword attributes didn't work either. ldappasswd 
always returns the error.

Any idea what causes the problem or what setting to check?


Regards
Joke


-----------------------------------------------------------------------------

dn: cn=person,ou=policies,dc=seiken,dc=de
objectClass: top
objectClass: person
objectClass: pwdPolicy
cn: person
pwdAttribute: userPassword
sn: -none-
description: password policy designed for real people logins
pwdAllowUserChange: TRUE
pwdCheckQuality: 1
pwdExpireWarning: 2592000
pwdFailureCountInterval: 5
pwdGraceAuthNLimit: 3
pwdInHistory: 5
pwdLockout: TRUE
pwdLockoutDuration: 3600
pwdMaxAge: 7776000
pwdMaxFailure: 60
pwdMinAge: 0
pwdMinLength: 5
pwdMustChange: TRUE
pwdSafeModify: FALSE

-----------------------------------------------------------------------------