[Date Prev][Date Next] [Chronological] [Thread] [Top]

(ITS#8207) ppolicy: pwdMinLength not checked if pwdInHistory == 0



Full_Name: Ian Bishop
Version: 2.4.39
OS: Linux
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (2001:388:e001:ce00:f2de:f1ff:fea7:d755)


Using password policy overlay, pwdMinLength is not checked when pwdInHistory ==
0.

I tested this by setting pwdMinLength=6 and pwdInHistory=0. I was then able to
set a 3 character password. When I changed pwdInHistory > 0 and tried to set a 3
charactepapassword, the attempt was denied. I repeated this several times, and
also restarted slapd just in case - same result.

Running Openldap 2.4.39 on Centos7, installed from Centos RPM repo.