Re: [K12OSN] Password Policy

[Brad Johnson <bjohnson independence k12 ia us>]

I did try that but it didn't seem to work....however I didn't reboot  
and I'm a little afraid to reboot.  Here's another interesting  
item....if I change the password succesfully, it doesn't actually  
seem to update in the ldap directory on the OS X server.  For  
example, if my user initially logs in with a password of 'changeme'  
and then successfully updates their password to 'changed', both  
'changeme' and 'changed' will work when logging into the LTSP  
machine.  However, if I attempt to again change the users password,  
the LDAP password is still 'changeme'  Is the LTSP machine simply  
keeping the 'changed' password in a password file locally?  Sorry for  
the questions.....they make me sound pretty clueless about this  
stuff, but it sure seemed like an easy way for my users to change  
their passwords rather easily, since we don't have very many OS X  
machines that our high school students have access to on the high  
school campus.

Thanks a bunch,

Brad
On Apr 4, 2006, at 1:43 PM, Toshio Kuratomi wrote:

> On Tue, 2006-04-04 at 13:37 -0500, Brad Johnson wrote:
> > Thanks for the info.  However I've tried adding some of the arguments
> > and it's not working.  Is it possible to turn off the use of cracklib
> > entirely?
>
> I believe you can remove it from the stack of pam modules that are  
> used
> (ie just remove the cracklib line from system-auth)  I'm not sure  
> about
> this, though, so be sure to backup, be logged in as root, etc.
>
> -Toshio
> _______________________________________________
> K12OSN mailing list
> K12OSN redhat com
> https://www.redhat.com/mailman/listinfo/k12osn
> For more info see <http://www.k12os.org>