On Mon, Oct 11, 2010 at 6:42 PM, Christian Manal < moenoel@informatik.uni-bremen.de> wrote:
Am 11.10.2010 14:41, schrieb Meghanand Acharekar:
Hi,
I am using ppolicy overlay to enforce password policies. Following is my ppolicy configuration/ldif.
dn: cn=policies,dc=example,dc=com objectClass: top objectClass: device objectClass: pwdPolicy cn: policies pwdAttribute: userPassword pwdMaxAge: 7516800 pwdExpireWarning: 432000 pwdInHistory: 6 pwdCheckQuality: 1 pwdMinLength: 8 pwdMaxFailure: 4 pwdLockout: TRUE pwdLockoutDuration: 1920 pwdGraceAuthNLimit: 0 pwdFailureCountInterval: 0 pwdMustChange: TRUE pwdAllowUserChange: TRUE pwdSafeModify: FALSE
while changing password on first login I got following error.
WARNING: Your password has expired. You must change your password now and login again! Changing password for user prasad. Enter login(LDAP) password: New UNIX password: Retype new UNIX password: LDAP password information update failed: Constraint violation Password is too young to change passwd: Permission denied Connection to myhost closed.
Thanks in advance Meghanand N Acharekar.
Hi,
when you set 'pwdCheckQuality: 1', you require a module to actually check the quality of the password. See slapo-ppolicy(5) and look at the pwdPolicyChecker/pwdCheckModule parts.
Hello
After setting pwdReset TRUE in user attribute, i'm getting another error.
LDAP password information update failed: Constraint violation Password fails quality checking policy passwd: Permission denied Connection to myhost closed.
Is it mandatory to use this module if we want to enforce password policies. Any idea.
Regards, Christian Manal