[Date Prev][Date Next] [Chronological] [Thread] [Top]

ppolicy: pwdInHistory attribute


We have installed an openldap server 2.4.23-34 on RHEL 6.5 with ppolicy enabled.

# Standard, Policies
dn: cn=Standard,ou=Policies,dc=test,dc=es
cn: Standard
description: Standard password policy.
pwdAttribute: userPassword
pwdCheckQuality: 1
pwdMinLength: 8
pwdLockout: TRUE
pwdMustChange: TRUE
pwdAllowUserChange: TRUE
objectClass: device
objectClass: pwdPolicy
pwdSafeModify: FALSE
pwdFailureCountInterval: 3
pwdGraceAuthNLimit: 0
pwdLockoutDuration: 1200
pwdMaxFailure: 10
pwdMinAge: 10
pwdMaxAge: 31536000
pwdExpireWarning: 0
pwdInHistory: 5

All ppolicy attributtes except pwdInHistory are working. We store passwords encrypted in the directory.

Is there any way to have pwdInHistory attribute working with encrypted passwords stored in the directory?