<html>
<head>
<meta content="text/html; charset=UTF-8" http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<br>
<div class="moz-cite-prefix">On 05/28/2014 04:21 PM, John Trump
wrote:<br>
</div>
<blockquote
cite="mid:CANd=zCjM37=K_uh+gK9c3Ro6QhAt-bQ23BTeSvoJNSvj08zbLw@mail.gmail.com"
type="cite">
<div dir="ltr">Not using any other client app. User logged on to a
linux system and trying to change password. If they choose a
password to similar to the old one it will not allow it.</div>
</blockquote>
How are you changing the password, are you using ldapmodify? Can
you post access log(/var/log/dirsrv/slapd-INSTANCE/access) output
showing the failed password attempt?<br>
<blockquote
cite="mid:CANd=zCjM37=K_uh+gK9c3Ro6QhAt-bQ23BTeSvoJNSvj08zbLw@mail.gmail.com"
type="cite">
<div class="gmail_extra"><br>
<br>
<div class="gmail_quote">On Wed, May 28, 2014 at 4:14 PM, Mark
Reynolds <span dir="ltr"><<a moz-do-not-send="true"
href="mailto:mareynol@redhat.com" target="_blank">mareynol@redhat.com</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000">
<div>
<div class="h5"> <br>
<div>On 05/28/2014 04:06 PM, John Trump wrote:<br>
</div>
<blockquote type="cite">
<div dir="ltr">Haven't been able to come up with a
solution yet. Hopefully someone on the list has a
suggestion.</div>
<div class="gmail_extra"><br>
<br>
<div class="gmail_quote">On Fri, May 23, 2014 at
12:42 PM, John Trump <span dir="ltr"><<a
moz-do-not-send="true"
href="mailto:trumpjk@gmail.com"
target="_blank">trumpjk@gmail.com</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0
0 0 .8ex;border-left:1px #ccc
solid;padding-left:1ex">
<div dir="ltr">I would like to relax the
password policy for specific users to allow
them to modify passwords but use similar
password to their old one. These are "group"
accounts and would like to allow password to
be set to: password01 then allow password to
be changed to password02. Currently this is
not allowed. I understand security risk etc
in allowing this. I do want to keep other
password complexity and history settings.
<div> <br>
</div>
<div>Suggestions?</div>
</div>
</blockquote>
</div>
</div>
</blockquote>
</div>
</div>
I'm not aware of a setting in 389 that prohibits you from
using secret01, then secret02, and then secret03, etc.
These should all be allowed. Are you using some other
client app(freeIPA?) to make these password updates?<br>
<blockquote type="cite">
<div class="gmail_extra">
<div class="gmail_quote">
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">
</blockquote>
</div>
<br>
</div>
<br>
<span class="HOEnZb"><font color="#888888">
<fieldset></fieldset>
<br>
<pre>--
389 users mailing list
<a moz-do-not-send="true" href="mailto:389-users@lists.fedoraproject.org" target="_blank">389-users@lists.fedoraproject.org</a>
<a moz-do-not-send="true" href="https://admin.fedoraproject.org/mailman/listinfo/389-users" target="_blank">https://admin.fedoraproject.org/mailman/listinfo/389-users</a></pre>
</font></span></blockquote>
<br>
</div>
<br>
--<br>
389 users mailing list<br>
<a moz-do-not-send="true"
href="mailto:389-users@lists.fedoraproject.org">389-users@lists.fedoraproject.org</a><br>
<a moz-do-not-send="true"
href="https://admin.fedoraproject.org/mailman/listinfo/389-users"
target="_blank">https://admin.fedoraproject.org/mailman/listinfo/389-users</a><br>
</blockquote>
</div>
<br>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">--
389 users mailing list
<a class="moz-txt-link-abbreviated" href="mailto:389-users@lists.fedoraproject.org">389-users@lists.fedoraproject.org</a>
<a class="moz-txt-link-freetext" href="https://admin.fedoraproject.org/mailman/listinfo/389-users">https://admin.fedoraproject.org/mailman/listinfo/389-users</a></pre>
</blockquote>
<br>
</body>
</html>