26 Nov
2013
26 Nov
'13
2:04 a.m.
2013/11/26 Aleksander Dzierżanowski olo@e-lista.pl:
Thank you Esteban for your reply.
I was missing pwdCheckQuality attribute in pwpolicy, which is mandatory to set - if not, length checks are not performed. Default value (if not set) for pwdCheckQuality in my opinion should be set to 1. Otherwise presence of pwdMinLength in policy can be confusing.
Set it to 2 if you want to reject SSHA passwords for which min length can not be checked.
Clément.