Here is my defined ppolicy. I have defined in my
/etc/ldap.conf pam_password exop. Password history and check_password was
working when I had pam_password md5. I wonder if it has something to do with
the way the password is being hashed. dn: cn=default,ou=policies,dc=turbocorp,dc=com cn: default sn: surname objectClass: pwdPolicy objectClass: person objectClass: top objectClass: pwdPolicyChecker pwdAttribute: userPassword pwdInHistory: 3 pwdMinLength: 8 pwdMaxFailure: 5 pwdLockout: TRUE pwdLockoutDuration: 300 pwdAllowUserChange: TRUE pwdSafeModify: FALSE pwdMinAge: 0 pwdExpireWarning: 1209600 pwdCheckModule: /usr/local/libexec/openldap/check_password.so pwdGraceAuthNLimit: 3 pwdFailureCountInterval: 86400 pwdCheckQuality: 2 pwdMustChange: TRUE pwdMaxAge: 172800 John Allgood Senior Systems Administrator OHL Transportation Services 2251 Jesse Jewell Pky. NE Gainesville, GA 30507 tel: (678) 989-3051 fax: (770) 531-7878 From: Adam Leach
[mailto:adam.m.leach@gmail.com] It would help if you would
attach the ppolicy that this entry uses in order to make sure it is configured
correctly... On Thu, Jun 24, 2010 at 7:56 AM, Allgood, John <jallgood@ohl.com> wrote: Yes I set that yesterday but now my password history is not
working. It seems when I get one thing working something else breaks. Any ideas
on the password history?
______________________________________________________ This e-mail transmission may contain information that is proprietary, privileged and/or confidential and is intended exclusively for the person(s) to whom it is addressed. Any use, copying, retention or disclosure by any person other than the intended recipient or the intended recipient's designees is strictly prohibited. If you are not the intended recipient or their designee, please notify the sender immediately by return e-mail and delete all copies. |