On 2/23/22 22:02, Felix Natter wrote:
> ldappasswd(1) is the right tool for the command-line but takes a DN to
> specify the user's entry.
>
> I tried this (which would be fine as a solution):
>
> ldappasswd -H ldap://<ip> -x -D \
> cn=ldaptestuser1,ou=users,dc=company,dc=com -W -A -S
>
> but it does not enforce the pwdMinLength:3 restriction of the PP.

It works for me:

xkcd@ae-dir-suse-p1:~> ldappasswd uid=aacj,cn=test,ou=ae-dir -s 123
Result: Constraint violation (19)
Additional info: Password fails quality checking policy

xkcd@ae-dir-suse-p1:~> ldappasswd uid=aacj,cn=test,ou=ae-dir -s Geheimer123456789

xkcd@ae-dir-suse-p1:~> ldapwhoami -x -D uid=aacj,cn=test,ou=ae-dir -w Geheimer123456789
dn:uid=aacj,cn=test,ou=ae-dir

Are you sure your pwdPolicy entry is applied, and e.g. has pwdCheckQuality: 2?

Ciao, Michael.
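
The check behind the question above, as an added example (not part of the thread or of OpenLDAP): under the ppolicy schema, pwdMinLength is only evaluated when pwdCheckQuality is non-zero. This script classifies a policy entry given as LDIF; the sample entries and the ou=policies DN are constructed, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: classify a pwdPolicy entry, given as LDIF on stdin, by
# whether pwdMinLength can reject a too-short password.
# On a live server the LDIF would come from ldapsearch (placeholder DNs):
#   ldapsearch -x -H ldap://<ip> -D <bind DN> -W -b <user DN> -s base pwdPolicySubentry
#   ldapsearch -x -H ldap://<ip> -D <bind DN> -W -b <policy DN> -s base

ldif_attr() {  # print the first value of attribute $1 (case-insensitive)
    awk -v want="$1" 'BEGIN { want = tolower(want) }
        { i = index($0, ":"); if (i == 0) next
          if (tolower(substr($0, 1, i - 1)) != want) next
          val = substr($0, i + 1); gsub(/^[ \t]+|[ \t\r]+$/, "", val)
          print val; exit }'
}

check_policy() {
    ldif=$(cat)
    [ -n "$ldif" ] || { echo "no-policy-entry"; return; }
    quality=$(printf '%s\n' "$ldif" | ldif_attr pwdCheckQuality)
    minlen=$(printf '%s\n' "$ldif" | ldif_attr pwdMinLength)
    case "${minlen:-0}" in       # absent or 0: nothing to enforce
        0) echo "no-minimum-length"; return ;;
    esac
    case "${quality:-0}" in      # an absent pwdCheckQuality behaves like 0
        0) echo "min-length-not-enforced" ;;
        1) echo "enforced-unless-password-is-prehashed" ;;
        2) echo "enforced-strictly" ;;
        *) echo "invalid-pwdCheckQuality" ;;
    esac
}

policy_without_quality() {  # constructed sample: pwdCheckQuality missing
    cat <<'EOF'
dn: cn=default,ou=policies,dc=company,dc=com
objectClass: pwdPolicy
pwdAttribute: userPassword
pwdMinLength: 3
EOF
}

policy_strict() {           # constructed sample: same policy plus pwdCheckQuality: 2
    policy_without_quality
    echo "pwdCheckQuality: 2"
}

echo "without pwdCheckQuality: $(policy_without_quality | check_policy)"
echo "with pwdCheckQuality 2:  $(policy_strict | check_policy)"
```

If the first ldapsearch returns no pwdPolicySubentry for the user and the overlay has no default policy configured, no policy entry applies to that user at all.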
