[Date Prev][Date Next] [Chronological] [Thread] [Top]

pwdCheckQuality doesn't work

To: openldap-software@openldap.org
Subject: pwdCheckQuality doesn't work
From: Zhang Weiwu <zhangweiwu@realss.com>
Date: Fri, 25 Jul 2008 21:30:20 +0800
User-agent: Thunderbird 2.0.0.14 (X11/20080621)

My checklist:

   1. RTFM slapo-ppolicy: done, 3 times;
   2. check openldap version: 2.4, newly installed on Gentoo Linux;
   3. check ppolicy overlay successfully loaded and being used: must be,
      because operational attribute like pwdFailureTime was maintained;
   4. pwdAttribute setting: correct, value is "userPassword";
   5. pwdCheckQuality: correct, value is 2 (server always check password
      syntax);
   6. pwdMinLength: correct, value is 6, server do not accept password
      short than 6 character;
   7. ppolicy_default: correctly set, because change pwdMaxFailure on
      default entry does have effect;
   8. the entry being operated doesn't have pwdPolicySubentry, so
      default should be applied: correct;
   9. slapd server was restarted after all above check;

Test result: Still doesn't work:

$ldappasswd -vD uid=admin,st=jiangxi,o=LGOP -x -w secret -s 13456 ou=ååå,st=jiangxi,o=LGOP
ldap_initialize( <DEFAULT> )
Result: Success (0)

(expected not successful here because new password was too short)

I am stuck here. Do I miss something on my checklist?

Follow-Ups:
- Re: pwdCheckQuality doesn't work
  - From: "Dieter Kluenter" <dieter@dkluenter.de>

Prev by Date: Re: Synrepl
Next by Date: Re: DN index delete failed
Index(es):
- Chronological
- Thread