I have a password applied globally like this: dn: cn=cn\3DnsPwPolicyEntry\2CDC\3Dmy\2CDC\3Ddomain,cn=nsPwPolicyContainer,dc= my,dc=domain passwordLockout: off passwordGraceLimit: 50 passwordWarning: 86400 passwordInHistory: 3 passwordMinLength: 8 passwordMinCategories: 3 passwordStorageScheme: SSHA512 passwordChange: on passwordMaxAge: 31536000 passwordCheckSyntax: on passwordExp: on objectClass: top objectClass: ldapsubentry objectClass: passwordpolicy cn: cn=nsPwPolicyEntry,DC=my,DC=domain
In a sub OU, I have this policy: # cn\3DnsPwPolicyEntry\2Cou\3DPOPS\2COU\3DEXTERNOS\2Cou\3Dmy\2Cdc\3Dmy\2Cdc\3 Ddomain, nsPwPolicyContainer, POPS, EXTERNOS, my, my.domain dn: cn=cn\3DnsPwPolicyEntry\2Cou\3DPOPS\2COU\3DEXTERNOS\2Cou\3Dmy\2Cdc\3Dmy\ 2Cdc\3Ddomain,cn=nsPwPolicyContainer,ou=POPS,OU=EXTERNOS,ou=my,dc=my,dc=domain passwordLockout: off passwordGraceLimit: 50 passwordStorageScheme: SSHA passwordChange: on passwordMaxAge: 31536000 passwordCheckSyntax: off passwordExp: off objectClass: top objectClass: ldapsubentry objectClass: passwordpolicy cn: cn=nsPwPolicyEntry,ou=POPS,OU=EXTERNOS,dc=my,dc=domain But when I try to add a prehashed password on this sub OU, I see this kind of error: LDAP: error code 19 - invalid password syntax - passwords with storage scheme are not allowed Is this an expected behavior even if in sub OU I have an password policy with passwordCheckSyntax set to off? If so, do I have any way to disable this behavior? (but I can not disable my global password policy) PS: The password policy is respecting the fact of passwordCheckSyntax is set to off when I try to add a simple password like '1234'.
_______________________________________________ 389-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/[email protected]
