[Date Prev][Date Next] [Chronological] [Thread] [Top]

(ITS#8207) ppolicy: pwdMinLength not checked if pwdInHistory == 0

To: openldap-its@OpenLDAP.org
Subject: (ITS#8207) ppolicy: pwdMinLength not checked if pwdInHistory == 0
From: porjo38@yahoo.com.au
Date: Wed, 29 Jul 2015 14:02:20 +0000
Auto-submitted: auto-generated (OpenLDAP-ITS)

Full_Name: Ian Bishop
Version: 2.4.39
OS: Linux
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (2001:388:e001:ce00:f2de:f1ff:fea7:d755)


Using password policy overlay, pwdMinLength is not checked when pwdInHistory ==
0.

I tested this by setting pwdMinLength=6 and pwdInHistory=0. I was then able to
set a 3 character password. When I changed pwdInHistory > 0 and tried to set a 3
charactepapassword, the attempt was denied. I repeated this several times, and
also restarted slapd just in case - same result.

Running Openldap 2.4.39 on Centos7, installed from Centos RPM repo.

Prev by Date: (ITS#8206) ldapsearch incorrectly cannonicalizes dns names for GSSAPI
Next by Date: Re: (ITS#8206) ldapsearch incorrectly cannonicalizes dns names for GSSAPI
Index(es):
- Chronological
- Thread