Hi all. I'm running Red Hat Directory Server 8.1.0, and are having some problems with password syntax checking. When I don't enable the syntax checking, everything works fine. But when I enable it it seems to discard even pretty strong passwords. In the example belov I've configured password syntax checking like this: - Password minimum length: 8 - Minimum required character categories: 1 - Minimum token length: 3 (btw, don't know why I need to set this) The new password I try to change to has two digits, four lower case letters, one uppercase letter, and one special character. So it should be far more complicated that the above settings call for. This is the output: #### Output start [root at server ~]# ssh kenneth at localhost kenneth at localhost's password: You are required to change your LDAP password immediately. Last login: Fri Sep 18 16:37:26 2009 from localhost.localdomain Welcome to the server! WARNING: Your password has expired. You must change your password now and login again! Changing password for user kenneth. Enter login(LDAP) password: New UNIX password: Retype new UNIX password: LDAP password information update failed: Constraint violation invalid password syntax - passwords with storage scheme are not allowed passwd: Permission denied Connection to localhost closed. ##### Output end So basically what I'm wondering about is exactly which constraint I'm violating. In other words, what does the "password with storage scheme are not allowed" tell me? Best regards, Kenneth Holter -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.fedoraproject.org/pipermail/389-users/attachments/20090918/d2dc1ec8/attachment.html
