[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Ppolicy - password history

To: Andris.Eiduks@tietoenator.com
Subject: Re: Ppolicy - password history
From: Howard Chu <hyc@symas.com>
Date: Fri, 19 Jan 2007 00:45:51 -0800
Cc: openldap-software@openldap.org
In-reply-to: <1FABB43D1E997C49B412A3008386ADB9025EC2A1@dino.eu.tieto.com>
References: <1FABB43D1E997C49B412A3008386ADB9025EC2A1@dino.eu.tieto.com>
User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9a2pre) Gecko/20070113 Netscape/7.2 (ax) Firefox/1.5 SeaMonkey/1.5a

Andris.Eiduks@tietoenator.com wrote:

Then do You recommend use only clearteaxt password from *client* side ?

Yes. Specifically, the client should always use the PasswordModify extended operation, it should not use LDAPModify on the userPassword attribute. (For one thing, there are no guarantees that a particular server even uses the userPassword attribute for anything.)

--
  -- Howard Chu
  Chief Architect, Symas Corp.  http://www.symas.com
  Director, Highland Sun        http://highlandsun.com/hyc
  OpenLDAP Core Team            http://www.openldap.org/project/

References:
- RE: Ppolicy - password history
  - From: <Andris.Eiduks@tietoenator.com>

Prev by Date: RE: Ppolicy - password history
Next by Date: Re: ldap.conf for syncrepl provider and consumer using tls
Index(es):
- Chronological
- Thread