[389-users] Allow Directory Manager to bypass Password Policy
John Trump
trumpjk at gmail.com
Fri Apr 18 14:38:23 UTC 2014
Thank you for the response. This should help.
On Fri, Apr 18, 2014 at 5:09 AM, German Parente <gparente at redhat.com> wrote:
> Hi John,
>
> unfortunately, Directory Manager cannot bypass password policy.
>
> It could drive to inconsistencies if a new password matches one of the
> passwords kept in history.
>
> Eventually, a workaround would be just to reset passwordhistory of a
> certain user like this:
>
>
> ldapmodify -ZZZ -D "cn=directory manager" -w <password> -h localhost
> dn: uid=test01,ou=People,dc=**,dc=**,dc=**
> changetype: modify
> delete: passwordHistory
>
> This has been described, for instance, in:
>
> https://access.redhat.com/site/solutions/791773
>
>
> regards,
>
> German.
>
> ----- Original Message -----
> > From: "John Trump" <trumpjk at gmail.com>
> > To: 389-users at lists.fedoraproject.org
> > Sent: Wednesday, April 16, 2014 6:10:39 PM
> > Subject: [389-users] Allow Directory Manager to bypass Password Policy
> >
> > Is it possible to allow the Directory Manager to bypass the password
> policy
> > when resetting user passwords? I want to be able to set a users password
> to
> > a default password. Currently if this password is in the users password
> > history I can not reuse the password.
> >
> > --
> > 389 users mailing list
> > 389-users at lists.fedoraproject.org
> > https://admin.fedoraproject.org/mailman/listinfo/389-users
> --
> 389 users mailing list
> 389-users at lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/389-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/389-users/attachments/20140418/932b31bd/attachment.html>
More information about the 389-users
mailing list