>>For the moment password history can be configured in LDAP directory, so if >>the user tries do use the same password, SSP will get an error and the >>password will not be updated. The only problem we have is >>that the user >>does not know that the password is refused because of password history, he >>only gets a generic error message. >>A bit confused, I thought this was not possible without pull101 mentioned >>below ? Or is this pull101 ?
>>If you configure password history in LDAP Directory, then it already works, >>as the LDAP directory will refuse an existing password (unless you change it >>with the rootdn, which is not recommended). The >>only constraint is that the >>error "your password is in history" is not shown to user in SSP, the user >>just get "your password was refused". OK, my understanding was that php-ldap bypassed the ppolicy ? If not then that's a great start. I get it that if as I have bound the ssp web interface to ldap via the root dn it will bypass anyway ? -- Clément OUDOT Consultant en logiciels libres, Expert infrastructure et sécurité Savoir-faire Linux 137 boulevard de Magenta - 75010 PARIS Blog: http://sflx.ca/coudot
_______________________________________________ ltb-users mailing list [email protected] https://lists.ltb-project.org/cgi-bin/mailman/listinfo/ltb-users
