Hi Guido,
Know what Im missing:
1) check that the new password is not similar to the old one.
The pam_cracklib man pages show exactly what are you found:
By default, pam_cracklib performs a number of basic checks on the new password:
Simple Checks
Allright! I fix one of the problems. How can you check that the user is
not using an old password?
pdbedit -P list
No account policy by that name
Account policy names are :
min password length
password history
user must logon to change password
maximum password age
minimum password age
lockout
