I'm having problems with my pam configuration on Solaris 8 using ldap. Here's the relevant parts: # # Password management # other password requisite pam_passwdqc.so min=disabled,disabled,di sabled,disabled,8 max=8 passphrase=0 match=0 similar=deny random=0 enforce=every one retry=1 ask_oldauthtok=update check_oldauthtok other password required pam_dhkeys.so.1 #other password requisite pam_authtok_get.so.1 #other password requisite pam_authtok_check.so.1 other password required pam_authtok_store.so.1 ... #passwd auth required pam_passwd_auth.so.1 adamscm@katana:~$ passwd passwd: Changing password for adamscm Password: Enter current password: You can now choose the new password. A valid password should be a mix of upper and lower case letters, digits, and other characters. You can use an 8 character long password with characters from all of these classes. An upper case letter that begins the password and a digit that ends it do not count towards the number of character classes used. Enter new password: Re-type new password: passwd: password successfully changed for adamscm If I take out ask_oldauthtok=update check_oldauthtok, it doesn't prompt for the password twice, but then I get: adamscm@katana:~$ passwd passwd: Changing password for adamscm Password: You can now choose the new password. A valid password should be a mix of upper and lower case letters, digits, and other characters. You can use an 8 character long password with characters from all of these classes. An upper case letter that begins the password and a digit that ends it do not count towards the number of character classes used. Enter new password: Re-type new password: Permission denied Can anyone point me in the right direction on this? thanks, chris' _______________________________________________ Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list
