Hi, Is there any way that we can configure IPA server not to do Strict Checking for Password. For EG:
*BAD PASSWORD: The password is too similar to the old one* *New password: * *BAD PASSWORD: The password fails the dictionary check - it is based on a dictionary word* We tried removing "use_authtok" from below but no luck. password sufficient pam_unix.so sha512 shadow nullok try_first_pass use_authtok system-auth "password" config: [root@cipa vagrant]# cat /etc/pam.d/system-auth | grep password | grep -v grep *password requisite pam_pwquality.so try_first_pass retry=3 type=* *password sufficient pam_unix.so sha512 shadow nullok try_first_pass use_authtok* *password sufficient pam_sss.so use_authtok* *password required pam_deny.so* [root@cipa vagrant]# *Best Regards,__________________________________________* *Yogesh Sharma*
-- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
