The issue was being caused by the pam module on the linux systems. Not sure why I have to modify pam module to allow similar paswords when changing ldap passwords.
On Wed, May 28, 2014 at 4:24 PM, Mark Reynolds <[email protected]> wrote: > > On 05/28/2014 04:21 PM, John Trump wrote: > > Not using any other client app. User logged on to a linux system and > trying to change password. If they choose a password to similar to the old > one it will not allow it. > > How are you changing the password, are you using ldapmodify? Can you post > access log(/var/log/dirsrv/slapd-INSTANCE/access) output showing the failed > password attempt? > > > > On Wed, May 28, 2014 at 4:14 PM, Mark Reynolds <[email protected]>wrote: > >> >> On 05/28/2014 04:06 PM, John Trump wrote: >> >> Haven't been able to come up with a solution yet. Hopefully someone on >> the list has a suggestion. >> >> >> On Fri, May 23, 2014 at 12:42 PM, John Trump <[email protected]> wrote: >> >>> I would like to relax the password policy for specific users to allow >>> them to modify passwords but use similar password to their old one. These >>> are "group" accounts and would like to allow password to be set to: >>> password01 then allow password to be changed to password02. Currently this >>> is not allowed. I understand security risk etc in allowing this. I do want >>> to keep other password complexity and history settings. >>> >>> Suggestions? >>> >> I'm not aware of a setting in 389 that prohibits you from using >> secret01, then secret02, and then secret03, etc. These should all be >> allowed. Are you using some other client app(freeIPA?) to make these >> password updates? >> >> >> >> >> -- >> 389 users mailing >> [email protected]https://admin.fedoraproject.org/mailman/listinfo/389-users >> >> >> >> -- >> 389 users mailing list >> [email protected] >> https://admin.fedoraproject.org/mailman/listinfo/389-users >> > > > > -- > 389 users mailing > [email protected]https://admin.fedoraproject.org/mailman/listinfo/389-users > > > > -- > 389 users mailing list > [email protected] > https://admin.fedoraproject.org/mailman/listinfo/389-users >
-- 389 users mailing list [email protected] https://admin.fedoraproject.org/mailman/listinfo/389-users
