Am 11.10.2010 14:41, schrieb Meghanand Acharekar:
Hi,
I am using ppolicy overlay to enforce password policies. Following is my ppolicy configuration/ldif.
dn: cn=policies,dc=example,dc=com objectClass: top objectClass: device objectClass: pwdPolicy cn: policies pwdAttribute: userPassword pwdMaxAge: 7516800 pwdExpireWarning: 432000 pwdInHistory: 6 pwdCheckQuality: 1 pwdMinLength: 8 pwdMaxFailure: 4 pwdLockout: TRUE pwdLockoutDuration: 1920 pwdGraceAuthNLimit: 0 pwdFailureCountInterval: 0 pwdMustChange: TRUE pwdAllowUserChange: TRUE pwdSafeModify: FALSE
while changing password on first login I got following error.
WARNING: Your password has expired. You must change your password now and login again! Changing password for user prasad. Enter login(LDAP) password: New UNIX password: Retype new UNIX password: LDAP password information update failed: Constraint violation Password is too young to change passwd: Permission denied Connection to myhost closed.
Thanks in advance Meghanand N Acharekar.
Hi,
when you set 'pwdCheckQuality: 1', you require a module to actually check the quality of the password. See slapo-ppolicy(5) and look at the pwdPolicyChecker/pwdCheckModule parts.
Regards, Christian Manal