On Mon, Oct 11, 2010 at 6:42 PM, Christian Manal < [email protected]> wrote:
> Am 11.10.2010 14:41, schrieb Meghanand Acharekar: > > Hi, > > > > I am using ppolicy overlay to enforce password policies. > > Following is my ppolicy configuration/ldif. > > > > dn: cn=policies,dc=example,dc=com > > objectClass: top > > objectClass: device > > objectClass: pwdPolicy > > cn: policies > > pwdAttribute: userPassword > > pwdMaxAge: 7516800 > > pwdExpireWarning: 432000 > > pwdInHistory: 6 > > pwdCheckQuality: 1 > > pwdMinLength: 8 > > pwdMaxFailure: 4 > > pwdLockout: TRUE > > pwdLockoutDuration: 1920 > > pwdGraceAuthNLimit: 0 > > pwdFailureCountInterval: 0 > > pwdMustChange: TRUE > > pwdAllowUserChange: TRUE > > pwdSafeModify: FALSE > > > > while changing password on first login I got following error. > > > > WARNING: Your password has expired. > > You must change your password now and login again! > > Changing password for user prasad. > > Enter login(LDAP) password: > > New UNIX password: > > Retype new UNIX password: > > LDAP password information update failed: Constraint violation > > Password is too young to change > > passwd: Permission denied > > Connection to myhost closed. > > > > Thanks in advance > > Meghanand N Acharekar. > > > > > Hi, > > when you set 'pwdCheckQuality: 1', you require a module to actually > check the quality of the password. See slapo-ppolicy(5) and look at the > pwdPolicyChecker/pwdCheckModule parts. > > > Hello After setting pwdReset TRUE in user attribute, i'm getting another error. LDAP password information update failed: Constraint violation Password fails quality checking policy passwd: Permission denied Connection to myhost closed. Is it mandatory to use this module if we want to enforce password policies. Any idea. > Regards, > Christian Manal >
