[Ltb-users] Self Service Password Policy (History)

Clément OUDOT clement.oudot at savoirfairelinux.com
Thu Oct 6 17:06:27 CEST 2016



Le 06/10/2016 à 16:56, Michael a écrit :
>
> Hello -
>
>
Hello Mike,

first, you need to regsiter to the list to be able to post and receive 
messages: http://lists.ltb-project.org/listinfo/ltb-users

>
> Iv'e noticed the the self-service tool does not provide any means to 
> respect the OpenLDAP password policy and there's nothing in the LTB 
> self service policy that restricts history sans the initial re-use of 
> the same password. Is there any way to get the application to respect 
> the OpenLDAP password policy (pwdInHistory) value or PAM?
>
>

Not for the moment, as PHP-LDAP is not compatible with password policy 
extended control.

You can prevent the user to reuse the same password as the current 
password when changing it, but can't check for the old passwords in LDAP.

-- 
Clément OUDOT
Consultant en logiciels libres, Expert infrastructure et sécurité
Savoir-faire Linux
137 boulevard de Magenta - 75008 PARIS
Blog: http://sflx.ca/coudot

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ltb-project.org/pipermail/ltb-users/attachments/20161006/b628ed3f/attachment.htm>


More information about the ltb-users mailing list