On 09/27/2013 09:31 AM, Innes, Duncan wrote:
[mailto:freeipa-users-boun...@redhat.com] On Behalf Of Sumit Bose
Sent: 26 September 2013 17:36
Subject: Re: [Freeipa-users] Force IPA to accept password?
Which command did you use to change the password? 'passwd' or
If you use 'passwd' the PAM stack on the client for the
passwd command comes into play which typically has some
modules like pam_pwquality.so listed which do checks
including dictionary checks.
If you use 'ipa passwd' the password should be only validated
against the server-side password policy Martin mentioned above.
Sumit, yes - I used 'passwd'. I'll look into using 'ipa passwd' in
3 months time :-)
Eh, ok :-) BTW, you could also standard kpasswd, it should also avoid modules
like pam_pwquality.so and only use the server policy.
Freeipa-users mailing list