I think what you want to do to get the passwordhistory attribute is something like the below command, as I think they are considered operational attributes.

    ldapsearch -H ldap://ldap.mydomain.com -x -s base -b "" +   # note the + returns operational attributes

Hope that helps on one part of your question.

On 10/26/2011 10:27 AM, Mazier Alexandre wrote:
> [Apologize for my English]
>
> Hello
>
> I'm trying to set up a password policy for my users. Especially, I set a
> password history value of 6.
>
> In case of a password recovery process, I want to give the
> administrator the ability to restore the password to a default value which is
> equally the value used for the account creation. The problem at this
> time is obvious: the password change is refused since the default
> password is already in the history. Is there any way to force the
> password restoration?
>
> Furthermore, I have some questions about the way password history
> is working.
>
> I can see through 389-console that users have a multi-valued attribute
> passwordhistory. However I'm unable to get it with a command line
> ldapsearch request. How can I obtain this password history list?
>
> Maybe for the same reason, if I delete the passwordhistory attribute and
> try to restore the password to its initial value, I always obtain an
> exception due to the presence of the password in the history.
>
> Those points are not clearly referenced in the documentation. Thanks a
> lot for your help.
>
> Regards,
>
> *Alexandre MAZIER*
> Consultant
>
> GIP CPAGE
> Parc Technologique de la Toison d'Or
> 19 rue Louis de Broglie BP 56507
> 21065 DIJON Cedex
> Tel: 03 80 28 46 46
> Fax: 03 80 28 46 01
>
> Mailto:Alexandre.Mazier@xxxxxxxx <mailto:Alexandre.Mazier@xxxxxxxx>
>
> Before printing this e-mail, let's think about the impact on the
> environment.
>
> The information contained in this message is privileged, confidential,
> and protected from disclosure. If you are not intended addressee of this
> message, please cancel it immediately and inform the sender. GIP CPAGE
> shall not be liable for the message if altered, changed or falsified.
>
> --
> 389 users mailing list
> 389-users@xxxxxxxxxxxxxxxxxxxxxxx
> https://admin.fedoraproject.org/mailman/listinfo/389-users