Philip Kime wrote:
Hmm - If I enable password syntax checking globally, it works -
ldappasswd applies the policy and so does PAM via pam_ldap. If it's a
local policy on a subtree or user, it doesn't? I have checked and the
cn=config "nsslapd-pwpolicy-local" is set to "on" so it should be
applying local password policies. Do I have to enable the password
syntax checking at a global level (possibly with no actual restrictions)
and then overide it at the local level?
Yes. The global setting must be enabled to use any sort of password
syntax checking. You can then override it at the subtree or user level.
-NGK
PK
--
Fedora-directory-users mailing list
Fedora-directory-users(a)redhat.com
https://www.redhat.com/mailman/listinfo/fedora-directory-users