[389-users] Password too similar to old one

Mark Reynolds mareynol at redhat.com
Wed May 28 20:24:08 UTC 2014 

On 05/28/2014 04:21 PM, John Trump wrote:
> Not using any other client app. User logged on to a linux system and
> trying to change password. If they choose a password to similar to the
> old one it will not allow it.
How are you changing the password, are you using ldapmodify?  Can you
post access log(/var/log/dirsrv/slapd-INSTANCE/access) output showing
the failed password attempt?
>
>
> On Wed, May 28, 2014 at 4:14 PM, Mark Reynolds <mareynol at redhat.com
> <mailto:mareynol at redhat.com>> wrote:
>
>
>     On 05/28/2014 04:06 PM, John Trump wrote:
>>     Haven't been able to come up with a solution yet. Hopefully
>>     someone on the list has a suggestion.
>>
>>
>>     On Fri, May 23, 2014 at 12:42 PM, John Trump <trumpjk at gmail.com
>>     <mailto:trumpjk at gmail.com>> wrote:
>>
>>         I would like to relax the password policy for specific users
>>         to allow them to modify passwords but use similar password to
>>         their old one. These are "group" accounts and would like to
>>         allow password to be set to: password01 then allow password
>>         to be changed to password02. Currently this is not allowed. I
>>         understand security risk etc in allowing this. I do want to
>>         keep other password complexity and history settings.
>>
>>         Suggestions?
>>
>     I'm not aware of a setting in 389 that prohibits you from using
>     secret01, then secret02, and then secret03, etc.  These should all
>     be allowed.  Are you using some other client app(freeIPA?) to make
>     these password updates?
>>
>>
>>
>>
>>     --
>>     389 users mailing list
>>     389-users at lists.fedoraproject.org <mailto:389-users at lists.fedoraproject.org>
>>     https://admin.fedoraproject.org/mailman/listinfo/389-users
>
>
>     --
>     389 users mailing list
>     389-users at lists.fedoraproject.org
>     <mailto:389-users at lists.fedoraproject.org>
>     https://admin.fedoraproject.org/mailman/listinfo/389-users
>
>
>
>
> --
> 389 users mailing list
> 389-users at lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/389-users

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/389-users/attachments/20140528/a0b3b00d/attachment.html>

More information about the 389-users mailing list