On Wed, 25 Mar 2015, Yogesh Sharma wrote:
Hi,
Is there any way that we can configure IPA server not to do Strict Checking
for Password.
For EG:
*BAD PASSWORD: The password is too similar to the old one*
*New password: *
*BAD PASSWORD: The password fails the dictionary check - it is based on a
dictionary word*
We tried removing "use_authtok" from below but no luck.
password sufficient pam_unix.so sha512 shadow nullok try_first_pass
use_authtok
You are changing *wrong* configuration.
system-auth "password" config:
[root@cipa vagrant]# cat /etc/pam.d/system-auth | grep password | grep -v
grep
*password requisite pam_pwquality.so try_first_pass retry=3 type=*
pam_pwquality is responsible for the password strength checks in PAM
stack. Read its documentation for details.
P.S. This question has nothing to do with FreeIPA.
--
/ Alexander Bokovoy
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project
