Eric Brown wrote:
You should use a larger value for passwordMinTokenLength, such as 3. This setting checks if portions of the attribute values in the users entry are in their password such as a password with your name in it. A setting of 1 is going to be very strict, meaning that any character that is in your name can not be present in your password. See this page for more detail:I have been trying to get the Password Syntax Checking working with FDS 1.0.4 and am having some trouble with the passwords that it is allowing and the ones that are returning invalid syntax. I started by setting the password policy the way I thought I wanted to use for my environment, but then no passwords would work, so I changed everything down to the minimums that I could find, but I am still getting several passwords rejected due to a syntax error. I am not using the console and I need to be able to set this through an LDIF file. Currently I have these settings for the password policy configuration: passwordInHistory: 2 passwordUnlock: on passwordGraceLimit: 0 passwordMustChange: off passwordWarning: 86400 passwordLockout: on passwordMinLength: 4 passwordMinDigits: 0 passwordMinAlphas: 0 passwordMinUppers: 0 passwordMinLowers: 0 passwordMinSpecials: 0 passwordMin8bit: 0 passwordMaxRepeats: 0 passwordMinCategories: 1 passwordMinTokenLength: 1
http://directory.fedoraproject.org/wiki/Password_Syntax -NGK
passwordMaxFailure: 3 passwordMaxAge: 3888000 passwordResetFailureCount: 120 passwordisglobalpolicy: off passwordChange: on passwordExp: on passwordLockoutDuration: 300 passwordCheckSyntax: on passwordMinAge: 0 passwordStorageScheme: SSHA256 I am getting syntax errors on passwords like the following: spfihykr spfihykr10 qpwoeiru 10293847 cmdjeu37 alskdj37 xnshwy26 doggie doggie12 but things like testpass works just fine. I figure that I have something not configured properly, but I don't know what needs to be changed. And some of the values that I am using were in the User Account Management section of the Administrator's Guide two weeks ago, but they are missing now. Thanks in advance, Eric Brown -- Fedora-directory-users mailing list Fedora-directory-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-users
<<attachment: smime.p7s>>
-- Fedora-directory-users mailing list Fedora-directory-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-users
