Hello On Tue, Nov 13, 2012 at 1:10 PM, Ali Jawad <ali.jawad@xxxxxxxxxxxx> wrote: > Hi Arpit > Actually I was attempting to change the password using command line > > passwd > > I.e. each user changes his own password, is passwd the right choice here ? > Yes, passwd is right choice, considering you have pam_ldap.so properly configured & yes passwd dont need ssl/tls to be configured. > Regards > > On Mon, Nov 12, 2012 at 11:27 PM, Arpit Tolani <arpittolani@xxxxxxxxx> > wrote: >> >> Hello >> >> On Tue, Nov 13, 2012 at 12:33 AM, Ali Jawad <ali.jawad@xxxxxxxxxxxx> >> wrote: >> > In that case I have a major overhaul that I need to complete, change >> > password is not working for me, my assumption is that it only works with >> > TLS >> > enabled between the client and the server, I have tried to get TLS to >> > run a >> > few times but could not get it to run so far. Am I right about the >> > assumption that I need encryption between the server and the clients for >> > password change to work ? >> > Regards >> > >> >> When using ldappasswd command, Yes ssl/tls is mandatory, Try changing >> password using ldapmodify, it doesnt required ssl/tls connection. >> >> > >> > On Mon, Nov 12, 2012 at 8:56 PM, Mark Reynolds <mareynol@xxxxxxxxxx> >> > wrote: >> >> >> >> Only "crypt" uses the first 8 characters, so any other scheme would be >> >> fine. After you change the scheme you will need to force all the users >> >> to >> >> change their passwords - otherwise their crypt passwords will still be >> >> present. >> >> >> >> >> >> >> >> On 11/12/2012 01:52 PM, Ali Jawad wrote: >> >> >> >> Hi All >> >> This is an all Linux environment with 389 being used as the sole >> >> authentication mechanism, I do believe I am using crypt, I am out of >> >> office >> >> right now, what should I use instead of crypt to match more characters >> >> ? >> >> Regards >> >> >> >> On Mon, Nov 12, 2012 at 7:02 PM, Mark Reynolds <mareynol@xxxxxxxxxx> >> >> wrote: >> >>> >> >>> Also what password storage scheme are you using? For example "crypt" >> >>> only checks the first 8 characters of a password. >> >>> >> >>> >> >>> On 11/12/2012 11:18 AM, Dan Lavu wrote: >> >>> >> >>> In regards to a password policy? Just 389 or are you using winsync >> >>> with >> >>> AD? Because the password policy from AD does not transfer over. Also >> >>> they >> >>> are some extra steps if you want to setup an OU based password policy >> >>> but if >> >>> you just do it for the entire directory through ‘configuration’ it >> >>> works >> >>> with no issues. >> >>> >> >>> Dan >> >>> >> >>> From: Ali Jawad <ali.jawad@xxxxxxxxxxxx> >> >>> Sent: November 12, 2012 6:00 AM >> >>> To: General discussion list for the 389 Directory server project. >> >>> Subject: Password + anything works ? >> >>> >> >>> Hi >> >>> I just noticed that you can use the password+ANYLetters and it will >> >>> work, >> >>> I.e. if the password is xyz xyz99 or xyzABC will work as well, is this >> >>> a >> >>> misconfiguration on my part or a bug ? >> >>> Regards >> >>> >> >> Regards >> Arpit Tolani >> -- >> 389 users mailing list >> 389-users@xxxxxxxxxxxxxxxxxxxxxxx >> https://admin.fedoraproject.org/mailman/listinfo/389-users > > > > > -- > Ali Jawad > Information Systems Manager > CISSP - PMP - ITIL V3 - RHCE - VCP - C|EH - CCNA - MCSA > Splendor Telecom (www.splendor.net) > Beirut, Lebanon > Phone: +9611373725/ext 116 > FAX: +9611375554 > > > > -- > 389 users mailing list > 389-users@xxxxxxxxxxxxxxxxxxxxxxx > https://admin.fedoraproject.org/mailman/listinfo/389-users -- Regards Arpit Tolani -- 389 users mailing list 389-users@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/389-users
