[Date Prev][Date Next] [Chronological] [Thread] [Top]

ppolicy acting strange

  I see some of the ppolicy overlay working as expected, but other parts  not quite. Hopefully someone here has an idea of what I did wrong.
  I configured a default ppolicy as in the tests. I set the pwdInHistory  to 6. I then keep changing the password for a user. Because I'm using  padl, I bind as an ldap user that has write perms to the full db, but  I'm not using the rootdn. 
  The pwdMinLength test does work correctly and I have pwdCheckQuality  equal to 2. I set the password-hash to {MD5}. As I keep changing the  password, the number of pwdHistory entries keeps growing. There are 20  in there now. 
  So that seems strange. But it also lets me re-use a password I have  used previously. With MD5, the hashes are identical for the same pwd so  I see the old hash in one of the pwdHistory entries, but it still  works. 
  Any idea why it does not fail on a re-used password?
  This is version 2.3.13.

Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around