--On Thursday, January 27, 2022 4:04 PM +0000 Alan Andrea alan_andrea@yahoo.com wrote:
I have a question regarding password rules that are enforced when a user changes their password in OpenLDAP. We have a need to implement a dictionary rule whereby words and phrases in a dictionary are not allowed in a users password. I am not able to see currently where such functionality exists in OpenLDAP and am wondering if there are any extensions to OPenLDAP that were developed to support this or if it would be required to write code to support this feature?
OpenLDAP 2.5 and later ship with the contrib Password Policy Module that allows a number of different polices to be enforced. One of the options with it, if you read the man page, is to pass it a dictionary for use with cracklib.
Regards, Quanah