2014-09-19 12:06 GMT+02:00 Robert Ludvik <[email protected]>: > Hi. >
Hi, > I use LDAP server 389-ds, version 1.2 (http://www.port389.org/) and Samba > 3. > I set up LTB and it works fine - I can change userPassword as well as > Samba password. > > Our security requests are that users should not reuse last 5 passwords. > This cannot be set up with LTB, AFAIK, but should be set in LDAP server. > > Right, password history can be managed in LDAP server. > If I enable password syntax checking in 389-ds Admin console like this: > http://snag.gy/aqdCn.jpg > > Well, this has nothing to do with password history, you configured here syntax checking. > the LTB continue to report "Password was refused by the LDAP directory" > even if I enter new password within these requests. I found out it reports > LDAP error 19: > LDAP_CONSTRAINT_VIOLATION > (Indicates that the attribute value specified in a modify, add, or modify > DN operation violates constraints placed on the attribute. The constraint > can be one of size or content (string only, no binary).) > > As you said, the LDAP server refuses the password. > But, I can change password via Windows Ctrl-Alt-Del -> Change password. > I think the password is changed on AD, not on 389 server. > > Can someone please help me with this /point to what could be wrong? > > My LTB conf settings: > http://ur1.ca/i7omf > > Sounds good. Clément.
_______________________________________________ ltb-users mailing list [email protected] http://lists.ltb-project.org/listinfo/ltb-users
