Hi All,
I have an FDS and 389 instance set up with a number of users, and password
policy requiring minimum password length, some numbers, and some other
characters.
This all works well for mandating secure passwords. However, whenever users
authenticate via LDAP the server appears to check only the first 8 characters
of their passwords. For example if a user has a password of "foobar1234!" they
can still login with "foobar12" or "foobar12bazbaz" I've tested this with unix
client logins (via PAM) and directly via the ldapsearch command. Both exhibit
the same behavior.
Goo diligence hasn't really turned up anything, though it could be I'm missing
the obvious. Has anyone run into this problem before? Is this possibly an issue
with they way i'm storing passwords?
-Aaron
--
389 users mailing list
389-us...@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users
