Hi,
I see some of the ppolicy overlay working as expected, but other parts not
quite. Hopefully someone here has an idea of what I did wrong.
I configured a default ppolicy as in the tests. I set the pwdInHistory to 6.
I then keep changing the password for a user. Because I'm using padl, I bind
as an ldap user that has write perms to the full db, but I'm not using the
rootdn.
The pwdMinLength test does work correctly and I have pwdCheckQuality equal
to 2. I set the password-hash to {MD5}. As I keep changing the password, the
number of pwdHistory entries keeps growing. There are 20 in there now.
So that seems strange. But it also lets me re-use a password I have used
previously. With MD5, the hashes are identical for the same pwd so I see the
old hash in one of the pwdHistory entries, but it still works.
Any idea why it does not fail on a re-used password?
This is version 2.3.13.
Thanks,
Jim
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
