[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: (ITS#5310) ppolicy
Hi Kevin,
The ITS system is for reporting defects in OpenLDAP, and the symptoms
you are describing are not indicative of that. The OpenLDAP team will
probably close this ITS with a comment to that effect.
The 'passwd' command is an OS tool, not part of OpenLDAP. Its
interaction with OpenLDAP is through the pam_ldap module, and the
conifguration of that module is most likely where your problem lies. I
suggest posting this question on the pam_ldap mailing list that is
operated by PADL, or requesting support from your OS vendor (RedHat?).
Cheers,
-Matt
--
Matthew Hardin
Symas Corporation - The LDAP Guys
http://www.symas.com
khxie@directv.com wrote:
> Full_Name: Kevin Xie
> Version: 2.3.39
> OS: RHEL 4 update 3
> URL: ftp://ftp.openldap.org/incoming/
> Submission from: (NULL) (147.21.16.3)
>
>
> I am testing ppolicy on OpenLDAP 2.3.39 and 2.3.38.
> When user password expired, LDAP forced user to change password using "passwd",
> it bypassed all the ppolicy settings, like, PwdMinLength, PwdInHistory.
> Is there a way to force "passwd" to check LDAP ppolicy like "ldappasswd" does?
> Is it because "passwd" and "ldappasswd" using different encryption methods?
>
> I've uploaded ppolicy and slapd.conf in khxie_ppolicy.txt.
> I've google searched the issue and didn't find any anwser.
>
> Thanks for your help.
>
> Kevin Xie
>
>
> .
>
>