2013/11/26 Aleksander Dzierżanowski <[email protected]>: > Thank you Esteban for your reply. > > I was missing pwdCheckQuality attribute in pwpolicy, which is mandatory to > set - if not, length checks are not performed. > Default value (if not set) for pwdCheckQuality in my opinion should be set > to 1. Otherwise presence of pwdMinLength in policy can be confusing. >
Set it to 2 if you want to reject SSHA passwords for which min length can not be checked. Clément.
