New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Reject password if it contains tokens from an attribute of the LDAP entry #17
Comments
Hi @eseyman, the feature could be interresting, but it is much more complicated to achieve, because as a ppolicy submodule, ppm only get few informations from the user. |
The function signature in ppolicy in OpenLDAP 2.5 allows to read the whole entry:
This feature could be really interesting. It would be nice to set any attribute for the check. |
davidcoutadeur
changed the title
Reject password if it contains tokens from givenName and sn
Reject password if it contains tokens from an attribute of the LDAP entry
Mar 21, 2022
davidcoutadeur
added a commit
that referenced
this issue
Mar 22, 2022
Done in fbebaf2 |
makr
pushed a commit
to makr/openldap
that referenced
this issue
Jun 7, 2022
Reject password if it contains tokens from an attribute of the LDAP entry ltb-project/ppm#17
SuzyWangIBMer
pushed a commit
to SuzyWangIBMer/openldap
that referenced
this issue
Aug 18, 2022
Reject password if it contains tokens from an attribute of the LDAP entry ltb-project/ppm#17
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I've been asked to implement the rejection of new passwords if they contain the user's first or last name (we currently reject for username). Would it be possible to extend ppm's checkRDN's functionality to include other attributes than the RDN?
The text was updated successfully, but these errors were encountered: