Adding "princ" and "dict" pwqual plugin settings to krb5.conf
and a dict_file setting to realm in realms section of kdc.conf
and restarting kdc and kadmind on MIT 1.11 kerberos installation
doesn't appear to stop the principal name or dictionary words
being set as password using 'kadmin cpw'
eg krb5.conf
[plugins]
pwqual = {
disable = empty
enable_only = princ
enable_only = dict
}
Using "enable_only = empty" or "disable = empty"
does however control whether an empty password can be set.
Is there some other configuration or compilation
setting that is needed to enable the princ and dict builtin plugins ?
________________________________________________
Kerberos mailing list [email protected]
https://mailman.mit.edu/mailman/listinfo/kerberos
