Philip Kime wrote: > Hmm - If I enable password syntax checking globally, it works - > ldappasswd applies the policy and so does PAM via pam_ldap. If it's a > local policy on a subtree or user, it doesn't? I have checked and the > cn=config "nsslapd-pwpolicy-local" is set to "on" so it should be > applying local password policies. Do I have to enable the password > syntax checking at a global level (possibly with no actual restrictions) > and then overide it at the local level? > Yes. The global setting must be enabled to use any sort of password syntax checking. You can then override it at the subtree or user level. -NGK > PK > > -- > Fedora-directory-users mailing list > Fedora-directory-users at redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users > -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 3241 bytes Desc: S/MIME Cryptographic Signature Url : http://lists.fedoraproject.org/pipermail/389-users/attachments/20061112/651ed6a8/attachment.bin
