[Fedora-directory-users] Password Syntax Checking

[Eric Brown]

I have been trying to get the Password Syntax Checking working with
FDS 1.0.4 and am having some trouble with the passwords that it is
allowing and the ones that are returning invalid syntax.

I started by setting the password policy the way I thought I wanted to
use for my environment, but then no passwords would work, so I changed
everything down to the minimums that I could find, but I am still
getting several passwords rejected due to a syntax error. I am not
using the console and I need to be able to set this through an LDIF
file.

Currently I have these settings for the password policy configuration:

passwordInHistory: 2
passwordUnlock: on
passwordGraceLimit: 0
passwordMustChange: off
passwordWarning: 86400
passwordLockout: on
passwordMinLength: 4
passwordMinDigits: 0
passwordMinAlphas: 0
passwordMinUppers: 0
passwordMinLowers: 0
passwordMinSpecials: 0
passwordMin8bit: 0
passwordMaxRepeats: 0
passwordMinCategories: 1
passwordMinTokenLength: 1
passwordMaxFailure: 3
passwordMaxAge: 3888000
passwordResetFailureCount: 120
passwordisglobalpolicy: off
passwordChange: on
passwordExp: on
passwordLockoutDuration: 300
passwordCheckSyntax: on
passwordMinAge: 0
passwordStorageScheme: SSHA256

I am getting syntax errors on passwords like the following:

spfihykr
spfihykr10
qpwoeiru
10293847
cmdjeu37
alskdj37
xnshwy26
doggie
doggie12

but things like testpass works just fine.

I figure that I have something not configured properly, but I don't
know what needs to be changed. And some of the values that I am using
were in the User Account Management section of the Administrator's
Guide two weeks ago, but they are missing now.

Thanks in advance,
Eric Brown