Description of problem:
Default Setting for passwordMinTokenLength does not work
Steps to Reproduce:
1.Modify the cn=config entry and set 'passwordCheckSyntax' to 'on'
2.Add a user entry as below
ldapadd -x -D 'cn=Directory Manager' -w secret123 -h localhost -p 389
cn: john smith
3. Now bind to the server with that user and modify the userPassword attribute
ldapmodify -x -D 'uid=jsmith,ou=people,dc=example,dc=com' -w secret123 -h
localhost -p 389
The password was accepted and stored, even though it contained 3 sequential
characters from 'sn' attribute of the entry
This modify operation should have been rejected with a
I performed the same steps by setting passwordMinLength and
passwordMinCategories to their minimum values but still the password was
accepted and stored
I also performed the same steps on RHEL6 and was able to reproduce the issue
git patch file (master)
git patch file (master) -- CI test
Reviewed by Mark (Thanks!!)
Pushed to master:
3e7d6d6..19e75b9 master -> master
Metadata Update from @nhosoi:
- Issue assigned to nhosoi
- Issue set to the milestone: 18.104.22.168
389-ds-base is moving from Pagure to Github. This means that new issues and pull requests
will be accepted only in 389-ds-base's github repository.
This issue has been cloned to Github and is available here:
If you want to receive further updates on the issue, please navigate to the github issue
and click on subscribe button.
Thank you for understanding. We apologize for all inconvenience.
Metadata Update from @spichugi:
- Issue close_status updated to: wontfix (was: Fixed)
to comment on this ticket.