pam_passwdqc ldap problems
Adams, Chris M, CTR,, DMDCWEST
Adamscm at osd.pentagon.mil
Tue Aug 24 18:03:27 UTC 2004
I'm having problems with my pam configuration on Solaris 8 using ldap.
Here's the relevant parts:
#
# Password management
#
other password requisite pam_passwdqc.so
min=disabled,disabled,di
sabled,disabled,8 max=8 passphrase=0 match=0 similar=deny random=0
enforce=every
one retry=1 ask_oldauthtok=update check_oldauthtok
other password required pam_dhkeys.so.1
#other password requisite pam_authtok_get.so.1
#other password requisite pam_authtok_check.so.1
other password required pam_authtok_store.so.1
...
#passwd auth required pam_passwd_auth.so.1
adamscm at katana:~$ passwd
passwd: Changing password for adamscm
Password:
Enter current password:
You can now choose the new password.
A valid password should be a mix of upper and lower case letters,
digits, and other characters. You can use an 8 character long
password with characters from all of these classes. An upper
case letter that begins the password and a digit that ends it do
not count towards the number of character classes used.
Enter new password:
Re-type new password:
passwd: password successfully changed for adamscm
If I take out ask_oldauthtok=update check_oldauthtok, it doesn't prompt for
the password twice, but then I get:
adamscm at katana:~$ passwd
passwd: Changing password for adamscm
Password:
You can now choose the new password.
A valid password should be a mix of upper and lower case letters,
digits, and other characters. You can use an 8 character long
password with characters from all of these classes. An upper
case letter that begins the password and a digit that ends it do
not count towards the number of character classes used.
Enter new password:
Re-type new password:
Permission denied
Can anyone point me in the right direction on this?
thanks,
chris'
More information about the Pam-list
mailing list