[Date Prev][Date Next] [Chronological] [Thread] [Top]

Need help on pwdCheckQuality


I need to enforce the password quality check. I've set all the the requirement on the slapd.conf created default policies profile. Unfortunately, the pwdMinLength and pwdCheckQuality are not working. I also try to compile the cracklib with check_password.c and the Makefile. The instruction was not very clear. Does anyone have a procedure to install the check_password.so module? Please help me with this. See my below setting. I omitted all the other parts from slapd.conf..

slapd.conf file:
include         /usr/local/etc/openldap/schema/ppolicy.schema
overlay ppolicy
ppolicy_default "cn=default,ou=policies,dc=example,dc=com"

# default, policies, arc.nasa.gov
dn: cn=default,ou=policies,dc=example,dc=com
cn: default
objectClass: pwdPolicy
objectClass: person
objectClass: top
objectClass: pwdPolicyChecker
pwdAllowUserChange: TRUE
pwdAttribute: userPassword
pwdExpireWarning: 180
pwdFailureCountInterval: 30
pwdGraceAuthNLimit: 5
pwdInHistory: 24
pwdLockout: TRUE
pwdLockoutDuration: 1800
pwdMaxAge: 15768000
pwdMaxFailure: 5
pwdMinAge: 0
pwdMinLength: 12
pwdMustChange: TRUE
pwdSafeModify: FALSE
sn: default policy
pwdCheckModule: check_password.so
pwdCheckQuality: 2