Aaron Mills wrote:
I have an FDS and 389 instance set up with a number of users, and password policy
requiring minimum password length, some numbers, and some other characters.
This all works well for mandating secure passwords. However, whenever users authenticate
via LDAP the server appears to check only the first 8 characters of their passwords. For
example if a user has a password of "foobar1234!" they can still login with
"foobar12" or "foobar12bazbaz" I've tested this with unix client
logins (via PAM) and directly via the ldapsearch command. Both exhibit the same behavior.
Goo diligence hasn't really turned up anything, though it could be I'm missing
the obvious. Has anyone run into this problem before? Is this possibly an issue with they
way i'm storing passwords?
How are you storing passwords?
What platform? What version of 389-ds-base?
389 users mailing list