Hello
On Tue, Nov 13, 2012 at 12:33 AM, Ali Jawad <ali.jawad(a)splendor.net> wrote:
In that case I have a major overhaul that I need to complete, change
password is not working for me, my assumption is that it only works with TLS
enabled between the client and the server, I have tried to get TLS to run a
few times but could not get it to run so far. Am I right about the
assumption that I need encryption between the server and the clients for
password change to work ?
Regards
When using ldappasswd command, Yes ssl/tls is mandatory, Try changing
password using ldapmodify, it doesnt required ssl/tls connection.
On Mon, Nov 12, 2012 at 8:56 PM, Mark Reynolds <mareynol(a)redhat.com> wrote:
>
> Only "crypt" uses the first 8 characters, so any other scheme would be
> fine. After you change the scheme you will need to force all the users to
> change their passwords - otherwise their crypt passwords will still be
> present.
>
>
>
> On 11/12/2012 01:52 PM, Ali Jawad wrote:
>
> Hi All
> This is an all Linux environment with 389 being used as the sole
> authentication mechanism, I do believe I am using crypt, I am out of office
> right now, what should I use instead of crypt to match more characters ?
> Regards
>
> On Mon, Nov 12, 2012 at 7:02 PM, Mark Reynolds <mareynol(a)redhat.com>
> wrote:
>>
>> Also what password storage scheme are you using? For example "crypt"
>> only checks the first 8 characters of a password.
>>
>>
>> On 11/12/2012 11:18 AM, Dan Lavu wrote:
>>
>> In regards to a password policy? Just 389 or are you using winsync with
>> AD? Because the password policy from AD does not transfer over. Also they
>> are some extra steps if you want to setup an OU based password policy but if
>> you just do it for the entire directory through ‘configuration’ it works
>> with no issues.
>>
>> Dan
>>
>> From: Ali Jawad <ali.jawad(a)splendor.net>
>> Sent: November 12, 2012 6:00 AM
>> To: General discussion list for the 389 Directory server project.
>> Subject: [389-users] Password + anything works ?
>>
>> Hi
>> I just noticed that you can use the password+ANYLetters and it will work,
>> I.e. if the password is xyz xyz99 or xyzABC will work as well, is this a
>> misconfiguration on my part or a bug ?
>> Regards
>>
Regards
Arpit Tolani