William I want to let this user bypass the policy and add a pre-hashed password, I also have a global policy and some OU policies level. On this OU OU=POP-PA,dc=my,dc=domain I have a local policy set.
Should I set pwadmin in local policy level? global policy level is not enough? Thanks Alberto Viana On Tue, May 5, 2020 at 7:57 PM William Brown <[email protected]> wrote: > > > > On 6 May 2020, at 04:33, Alberto Viana <[email protected]> wrote: > > > > additional info: invalid password syntax - passwords with storage scheme > are not allowed > > > > > This line here is saying that you have a userPassword: {SCHEME}<Hash> in > your ldif (I think). By default we don't allow this, but there is a migrate > password hash option in cn=config. > > Of course, loading a hash this way bypasses the password policy checks > .... > > So you may want to check your ldif, and set the userPassword as cleartext > for the modify, and the server-side will apply pwpolicy and perform proper > hashing. > > Hope that helps, > > — > Sincerely, > > William Brown > > Senior Software Engineer, 389 Directory Server > SUSE Labs > _______________________________________________ > 389-users mailing list -- [email protected] > To unsubscribe send an email to [email protected] > Fedora Code of Conduct: > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: > https://lists.fedoraproject.org/archives/list/[email protected] >
_______________________________________________ 389-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/[email protected]
