[Fedora-directory-users] Password History Navigation
Rich Megginson
rmeggins at redhat.com
Mon Mar 16 17:37:31 UTC 2009
Hugo Etievant wrote:
> Hi,
>
> I have setted a password policy with password history.
>
> When i use ldappasswd for change password, this tool says me
> "Constraint violation" but that do not mean the real raison of failure.
>
> =>>> How can we verify if a password is in the history list ???
If you display the extended information sent back in the LDAP error
return, you should see a message like this "password in history"
>
> my follwing command is not successful :
> ldapsearch -h HOST -p 389 -D "cn=ADMIN" -b "ou=UNIT,dc=HOST,dc=COM" -x
> -w - "(passwordHistory=OLDPASSWD)" dn
passwordHistory stores hashed passwords so this ldapsearch won't work
I suppose you could use ldapsearch to get the passwordHistory list, then
write a script to use the pwdhash command to hash and compare a given
password with the passwords in the list.
>
>
> regards
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3258 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/fedora-directory-users/attachments/20090316/53c37553/attachment.bin>
More information about the Fedora-directory-users
mailing list