[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#5492) Ignore password longer than pwdMinLength specified in PPOLICY

To: openldap-its@OpenLDAP.org
Subject: Re: (ITS#5492) Ignore password longer than pwdMinLength specified in PPOLICY
From: hyc@symas.com
Date: Thu, 1 May 2008 00:11:50 GMT

huynh.tuan@comcast.net wrote:
> Full_Name: Tuan Huynh
> Version: 2.3.39
> OS: Solaris
> URL: ftp://ftp.openldap.org/incoming/
> Submission from: (NULL) (216.39.129.66)
>
>
> My password is 10 characters long, however system allowed me to login as long as
> I enter first 8 characters and it ignored the rest even if I enter garbage.  For
> example:
>
> my password is !thisIsATest!
> when I login it'll accept password such as !thisIsA or !thisIsAdkdkdkdkdkdkdkdk
>
> I used ppolicy and pwdMinLength is set at 8

Sounds like a configuration error in your Solaris system, or possibly a poor 
choice of password hash mechanism. I don't see any evidence of an OpenLDAP bug 
here.

-- 
   -- Howard Chu
   CTO, Symas Corp.           http://www.symas.com
   Director, Highland Sun     http://highlandsun.com/hyc/
   Chief Architect, OpenLDAP  http://www.openldap.org/project/

Prev by Date: (ITS#5492) Ignore password longer than pwdMinLength specified in PPOLICY
Next by Date: (ITS#5492)
Index(es):
- Chronological
- Thread