[389-users] Password too similar to old one
Mark Reynolds
mareynol at redhat.com
Wed May 28 20:24:08 UTC 2014
On 05/28/2014 04:21 PM, John Trump wrote:
> Not using any other client app. User logged on to a linux system and
> trying to change password. If they choose a password to similar to the
> old one it will not allow it.
How are you changing the password, are you using ldapmodify? Can you
post access log(/var/log/dirsrv/slapd-INSTANCE/access) output showing
the failed password attempt?
>
>
> On Wed, May 28, 2014 at 4:14 PM, Mark Reynolds <mareynol at redhat.com
> <mailto:mareynol at redhat.com>> wrote:
>
>
> On 05/28/2014 04:06 PM, John Trump wrote:
>> Haven't been able to come up with a solution yet. Hopefully
>> someone on the list has a suggestion.
>>
>>
>> On Fri, May 23, 2014 at 12:42 PM, John Trump <trumpjk at gmail.com
>> <mailto:trumpjk at gmail.com>> wrote:
>>
>> I would like to relax the password policy for specific users
>> to allow them to modify passwords but use similar password to
>> their old one. These are "group" accounts and would like to
>> allow password to be set to: password01 then allow password
>> to be changed to password02. Currently this is not allowed. I
>> understand security risk etc in allowing this. I do want to
>> keep other password complexity and history settings.
>>
>> Suggestions?
>>
> I'm not aware of a setting in 389 that prohibits you from using
> secret01, then secret02, and then secret03, etc. These should all
> be allowed. Are you using some other client app(freeIPA?) to make
> these password updates?
>>
>>
>>
>>
>> --
>> 389 users mailing list
>> 389-users at lists.fedoraproject.org <mailto:389-users at lists.fedoraproject.org>
>> https://admin.fedoraproject.org/mailman/listinfo/389-users
>
>
> --
> 389 users mailing list
> 389-users at lists.fedoraproject.org
> <mailto:389-users at lists.fedoraproject.org>
> https://admin.fedoraproject.org/mailman/listinfo/389-users
>
>
>
>
> --
> 389 users mailing list
> 389-users at lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/389-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/389-users/attachments/20140528/a0b3b00d/attachment.html>
More information about the 389-users
mailing list