[
https://issues.apache.org/jira/browse/DIRSERVER-2067?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Emmanuel Lecharny updated DIRSERVER-2067:
-----------------------------------------
Component/s: ppolicy
> Password Policy Enforced for admin user
> ---------------------------------------
>
> Key: DIRSERVER-2067
> URL: https://issues.apache.org/jira/browse/DIRSERVER-2067
> Project: Directory ApacheDS
> Issue Type: Bug
> Components: ppolicy
> Affects Versions: 2.0.0-M20
> Reporter: David Paulsen
> Priority: Minor
>
> When bound to a connection using the "uid=admin,ou=system" user, it enforces
> the ads-pwdInHistory in the password policy of the uid I'm changing the
> password for. For example, if I'm changing the password for
> uid=147547,ou=8300,ou=DVHead,dc=kewilltransport,dc=com, and that uid has a
> pwdPolicySubentry=ads-pwdId=DVHead8300,ou=passwordPolicies,ads-interceptorId=authenticationInterceptor,ou=interceptors,ads-directoryServiceId=default,ou=config,
> it enforces the ads-pwdId=DVHead8300 policy's ads-pwdInHistory setting even
> with the admin user.
> My understanding is that since it's the admin user, it should not be
> enforcing any password policy rules.
> Steps:
> (1) Create a password policy where the ads-pwdInHistory is greater than 0 so
> it enforces not reusing passwords.
> (2) Create a uid and set it's pwdPolicySubentry to the above password policy.
> (3) Create a connection and bind to it using the "uid=admin,ou=system" user,
> and then modify password for the above uid. You will get this error:
> error: invalid reuse of password present in password history
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
