[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: What can I use for pwdCheckModule?



Here are my results.. ÂAny thoughts as to why this is not working?
As for my ldap version, ÂI'm using the version provided in CentOS 6. ÂI would prefer to use these prepacked builds whenever possible. ÂIf there is an issue where this will not work on that version, then I'll go ahead and upgrade.


TESTS: Â Â Â Â Â Â Â Â Â Â ÂRESULT:
pwdSafeModify: FALSE Â Â Â ÂPASS: Â Message: LDAP password information update failed: Insufficient access. Â Must supply old password to be changed as well as new one
pwdAllowUserChange: FALSE Â PASS: Â Message: LDAP password information update failed: Insufficient access. Â User alteration of password is not allowed
pwdMaxAge: 300 Â Â Â Â Â Â ÂFAIL: Â Login still allowed after 300 seconds.
pwdExpireWarning: 10 Â Â Â ÂFAIL: Â No warning message
pwdInHistory: 3 Â Â Â Â Â Â FAIL: Â I can still flip between 2 passwords
pwdMinLength: 12 Â Â Â Â Â ÂFAIL: Â I can still set a 6 char password
pwdMustChange: Â Â Â Â Â Â ÂFAIL: Â I am not forced to change passwd.
pwdMaxFailure: 2 Â Â Â Â Â ÂFAIL: Â Still allowed in after 6 failures

Other Info:
pwdLockout: Â Â Â Â TRUE
pwdLockoutDuration: 600



Thanks,
Dan


On Wed, Apr 10, 2013 at 10:41 AM, Quanah Gibson-Mount <quanah@zimbra.com> wrote:
--On Wednesday, April 10, 2013 9:30 AM -0400 D C <dc12078@gmail.com> wrote:


Server is openldap 2.4.23


Seriously? ÂYou're using a version of OpenLDAP that is nearly 3 years old? Why would you do that to yourself?

--Quanah

--

Quanah Gibson-Mount
Sr. Member of Technical Staff
Zimbra, Inc
A Division of VMware, Inc.
--------------------
Zimbra :: Âthe leader in open source messaging and collaboration