On Wed, 25 Mar 2015, Yogesh Sharma wrote:
Is there any way that we can configure IPA server not to do Strict Checking
*BAD PASSWORD: The password is too similar to the old one*
*New password: *
*BAD PASSWORD: The password fails the dictionary check - it is based on a
We tried removing "use_authtok" from below but no luck.
password sufficient pam_unix.so sha512 shadow nullok try_first_pass
You are changing *wrong* configuration.
system-auth "password" config:
[root@cipa vagrant]# cat /etc/pam.d/system-auth | grep password | grep -v
*password requisite pam_pwquality.so try_first_pass retry=3 type=*
pam_pwquality is responsible for the password strength checks in PAM
stack. Read its documentation for details.
P.S. This question has nothing to do with FreeIPA.
/ Alexander Bokovoy
Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project