[K12OSN] OT: ldap only checks first 8 characters of password
Rob Owens
rowens at ptd.net
Sat Jan 31 02:00:25 UTC 2009
On Fri, Jan 30, 2009 at 08:52:50PM -0500, Rob Owens wrote:
> On Fri, Jan 30, 2009 at 08:45:28PM -0500, Rob Owens wrote:
> > My openldap users only need to correctly enter the first 8 digits of their password in order to be authenticated. My local users need to enter more than that (I didn't check for a limit, but it's more than 8). Does anybody know how to change this behavior?
> >
> Hmm, I just realized this only occurs after I use the 'passwd' utility to change my ldap password. The change seems to work, but with the 8-character limitation I mentioned above.
>
> Note that I'm not using the smbldap-installer setup on this particular ldap server. There is no samba component at all.
>
I don't believe it. I figured out the answer 5 minutes after posting the question (and I had been looking for the answer for hours).
It was as simple as putting this in /etc/pam_ldap.conf:
pam_password md5
(The previous value was: pam_password crypt)
Hope this helps someone. The system in question is a Debian Lenny machine.
-Rob
More information about the K12OSN
mailing list