I know that I have everything set to 0. I had things set more strictly
and I couldn't change to any password. So I set everything to the
minimum value that the FDS would let me. But even with those minimal
values, virtually every password was rejected due to the syntax issue.
I tried to set passwordInHistory to 0, but the minimum required value
was 2. So, I have set passwordHistory to off, so the history shouldn't
be an issue, on top of the fact that I attempted the password changes
in the order that I had them in my original message, all of which
failed, the password that my user was set to was testpass.
Thanks,
Eric
---------- Forwarded message ----------
From: Ivan Ferreira <iferreir at personal.com.py>
Date: Mon, May 19, 2008 at 5:19 PM
Subject: Re: Password Syntax Checking
To: "General discussion list for the Fedora Directory server project."
<fedora-directory-users at redhat.com>
Cc: fedora-directory-users at redhat.com, fedora-directory-users-bounces at redhat.com
What is the policy that you want to apply to your passwords?
As far I can see, you have almost all set to 0:
passwordMinLength: 4
passwordMinDigits: 0
passwordMinAlphas: 0
passwordMinUppers: 0
passwordMinLowers: 0
passwordMinSpecials: 0
passwordMin8bit: 0
passwordMaxRepeats: 0
I don't know why you get syntax errors on other passwords, ?maybe is
remembering them, try with passwordInHistory 0?
Para
fedora-directory-users at redhat.co
m
"Eric Brown" cc
<playactor at gmail.com>
Enviado por: Asunto
fedora-directory-users-b [Fedora-directory-users]
ounces at redhat.com Password Syntax Checking
Clasificaci?n
19/05/2008 05:34 p.m. Uso Interno
Por favor, responda a
"General discussion list
for the Fedora Directory
server project."
<fedora-directory-users@
redhat.com>
I have been trying to get the Password Syntax Checking working with
FDS 1.0.4 and am having some trouble with the passwords that it is
allowing and the ones that are returning invalid syntax.
I started by setting the password policy the way I thought I wanted to
use for my environment, but then no passwords would work, so I changed
everything down to the minimums that I could find, but I am still
getting several passwords rejected due to a syntax error. I am not
using the console and I need to be able to set this through an LDIF
file.
Currently I have these settings for the password policy configuration:
passwordInHistory: 2
passwordUnlock: on
passwordGraceLimit: 0
passwordMustChange: off
passwordWarning: 86400
passwordLockout: on
passwordMinLength: 4
passwordMinDigits: 0
passwordMinAlphas: 0
passwordMinUppers: 0
passwordMinLowers: 0
passwordMinSpecials: 0
passwordMin8bit: 0
passwordMaxRepeats: 0
passwordMinCategories: 1
passwordMinTokenLength: 1
passwordMaxFailure: 3
passwordMaxAge: 3888000
passwordResetFailureCount: 120
passwordisglobalpolicy: off
passwordChange: on
passwordExp: on
passwordLockoutDuration: 300
passwordCheckSyntax: on
passwordMinAge: 0
passwordStorageScheme: SSHA256
I am getting syntax errors on passwords like the following:
spfihykr
spfihykr10
qpwoeiru
10293847
cmdjeu37
alskdj37
xnshwy26
doggie
doggie12
but things like testpass works just fine.
I figure that I have something not configured properly, but I don't
know what needs to be changed. And some of the values that I am using
were in the User Account Management section of the Administrator's
Guide two weeks ago, but they are missing now.
Thanks in advance,
Eric Brown
--
Fedora-directory-users mailing list
Fedora-directory-users at redhat.com
https://www.redhat.com/mailman/listinfo/fedora-directory-users
========================================================================================
AVISO LEGAL: Esta informaci?n es privada y confidencial y est? dirigida
?nicamente a su destinatario. Si usted no es el destinatario original de
este mensaje y por este medio pudo acceder a dicha informaci?n por favor
elimine el mensaje. La distribuci?n o copia de este mensaje est?
estrictamente prohibida. Esta comunicaci?n es s?lo para prop?sitos de
informaci?n y no debe ser considerada como propuesta, aceptaci?n ni como
una declaraci?n de voluntad oficial de NUCLEO S.A. La transmisi?n de
e-mails no garantiza que el correo electr?nico sea seguro o libre de error.
Por consiguiente, no manifestamos que esta informaci?n sea completa o
precisa. Toda informaci?n est? sujeta a alterarse sin previo aviso.
This information is private and confidential and intended for the
recipient only. If you are not the intended recipient of this message you
are hereby notified that any review, dissemination, distribution or
copying of this message is strictly prohibited. This communication is for
information purposes only and shall not be regarded neither as a proposal,
acceptance nor as a statement of will or official statement from NUCLEO
S.A. . Email transmission cannot be guaranteed to be secure or error-free.
Therefore, we do not represent that this information is complete or
accurate and it should not be relied upon as such. All information is
subject to change without notice.
--
Fedora-directory-users mailing list
Fedora-directory-users at redhat.com
https://www.redhat.com/mailman/listinfo/fedora-directory-users
