On 03/01/2017 08:15 AM, tua...@gmail.com wrote:
So if you change the password as directory manager it will let you do whatever you want.
So make sure you always change passwords as a "database user" if you expect
password policies to be enforced.
Not correct, below is a test from another LDAP instance with the same ldap
version.
...
ldappasswd -s Ja#%==TNG8 -w SECRET! -x -ZZ -D cn='directory manager' cn='Tuan
Test,cn=unixtek,ou=Infrastructure,dc=centos'
Without trying to diagnose the reason that "Directory Manager" is not
successfully changing the password in your tests, it remains true that
"Directory Manager" is *designed* to bypass constraints. Until you can
reproduce the problem of changing an LDAP password using a database
user, you aren't providing evidence of a bug. The system is working the
way it is supposed to.
If you can demonstrate the problem using a database user instead of
"Directory Manager", we can troubleshoot further.
_______________________________________________
389-users mailing list -- 389-users@lists.fedoraproject.org
To unsubscribe send an email to 389-users-le...@lists.fedoraproject.org
