[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: [K12OSN] Password Policy

From: Brad Johnson <bjohnson independence k12 ia us>
To: "Support list for opensource software in schools." <k12osn redhat com>
Subject: Re: [K12OSN] Password Policy
Date: Tue, 4 Apr 2006 14:39:52 -0500

Sorry....I wasn't clear on all my responses
On Apr 4, 2006, at 2:25 PM, Toshio Kuratomi wrote:

On Tue, 2006-04-04 at 14:00 -0500, Brad Johnson wrote:

I did try that but it didn't seem to work....however I didn't reboot
and I'm a little afraid to reboot.

You shouldn't need to reboot. When you say it doesn't work, do youmean

it doesn't allow you to set a weak password?  It doesn't allow you to
login?  It doesn't allow you to set any new password?

It does not allow me to set a weak password...it will allow me to seta new password

  Here's another interesting
item....if I change the password succesfully, it doesn't actually
seem to update in the ldap directory on the OS X server.


this sounds as though you have something screwy at a deeper level as
well.  Did you use the authconfig program to setup your connection to
the OSX ldap server or soemthing different?

Yes, I used authconfig to setup LDAP access, and all my users cansuccessfully login to the LDAP server with their LDAP passwords.

Is pam_ldap one of the
modules being stacked in /etc/pam.d/system-auth?

yes, it is listed on the following lines:
auth sufficient /path/to/file/pam_ldap.so use_first_pass

as well as on

password sufficient /path/to/file/pam_ldap.so use_authok

It sounds as though

the update is updating /etc/passwd and /etc/shadow on the K12ltspserver

instead of in the OSX server.  So the K12 server is reading
from /etc/passwd ad from the ldap server but it is writing only
to /etc/passwd.

When you use the passwd command does it prompt you with:
Enter login(LDAP) password:

or does it just print
New UNIX password:

Yes, this is weird isn't it. When I run passwd, it first asks for'Enter Login(LDAP) password',

and after that has been successfully entered it asks for
'New UNIX password'

So it appears to be authenticating to LDAP, but updating the localUnix password on the LTSP box


Thanks,

Brad


-Toshio
_______________________________________________
K12OSN mailing list
K12OSN redhat com
https://www.redhat.com/mailman/listinfo/k12osn
For more info see <http://www.k12os.org>

References:
- [K12OSN] Password Policy
  - From: Brad Johnson
- Re: [K12OSN] Password Policy
  - From: Kari Matthews
- Re: [K12OSN] Password Policy
  - From: Toshio Kuratomi
- Re: [K12OSN] Password Policy
  - From: Brad Johnson
- Re: [K12OSN] Password Policy
  - From: Toshio Kuratomi
- Re: [K12OSN] Password Policy
  - From: Brad Johnson
- Re: [K12OSN] Password Policy
  - From: Toshio Kuratomi

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]