Between 389 LDAP versions 1.2.11.15-33 and 1.2.11.15-97, we're finding that the Directory Manager account can bypass configured password policies and set user passwords to anything. I believe this is now by design, but is there a configuration file flag to revert to the previous behavior where Directory Manager needed to conform to the password policy?
If not, how do we create a user account in 389 ldap server with rights to check and update user password hashes, and still enforce configured password policies?
Please advise
_______________________________________________ 389-users mailing list -- 389-users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to 389-users-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/389-users@xxxxxxxxxxxxxxxxxxxxxxx
