[Freeipa-users] Is it possible to Disable "BAD Password" from IPA Configs
Yogesh Sharma
yks0000 at gmail.com
Wed Mar 25 05:33:59 UTC 2015
Hi,
Is there any way that we can configure IPA server not to do Strict Checking
for Password.
For EG:
*BAD PASSWORD: The password is too similar to the old one*
*New password: *
*BAD PASSWORD: The password fails the dictionary check - it is based on a
dictionary word*
We tried removing "use_authtok" from below but no luck.
password sufficient pam_unix.so sha512 shadow nullok try_first_pass
use_authtok
system-auth "password" config:
[root at cipa vagrant]# cat /etc/pam.d/system-auth | grep password | grep -v
grep
*password requisite pam_pwquality.so try_first_pass retry=3 type=*
*password sufficient pam_unix.so sha512 shadow nullok try_first_pass
use_authtok*
*password sufficient pam_sss.so use_authtok*
*password required pam_deny.so*
[root at cipa vagrant]#
*Best Regards,__________________________________________*
*Yogesh Sharma*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20150325/e90edd8d/attachment.htm>
More information about the Freeipa-users
mailing list