Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [password-policy]

70 questions
3
votes
1 answer

OpenLDAP: pwdChangedTime attribute isn't created after changing the password?

I'm going to integrate the check_mk's Multisite with OpenLDAP. After configuring the LDAP connector, I get the following error when opening the "Users & Contacts" page: Error executing sync hook The "Authentication Expiration" attribute…
quanta
  • 50,327
  • 19
  • 152
  • 213
3
votes
1 answer

Issue with Mac RDP clients connecting to Server 2008 if change password at next logon checked

I have a weird issue I haven't been able to figure out (primarily because I don't have a Mac to play with). When a user is connecting into our Windows Server 2008 and 2008 R2 servers with local user accounts if their account is set to force user to…
DigiMij
  • 151
  • 1
  • 1
  • 4
3
votes
2 answers

Changing Windows password policy

We currently have the almost defacto standard of requiring complex passwords on our Windows AD domain. But this XKCD cartoon caught my eye a few months ago when it came up on Coding Horror (I think): http://xkcd.com/936/ Has anyone changed their…
Rob Nicholson
  • 1,678
  • 8
  • 27
  • 53
3
votes
2 answers

Is it possible to limit the number of user account password resets per day in Active Directory?

Windows domain environment here. We're looking at putting in a self-service password reset system (using Citrix Single Sign-on), and I'm trying to figure out if we can limit the number of password resets a user can initiate down to 2 per day. I'm…
christianlinnell
  • 275
  • 1
  • 6
  • 18
3
votes
1 answer

Samba, password change and windows error messages

I moved password quality checking in Samba from check password script to PAM, now when pam_passwdqc or pam_cracklib deny password change the user revives a "Access denied" error, not the standard "The password you typed does not meet the password…
Hubert Kario
  • 6,351
  • 6
  • 33
  • 65
2
votes
1 answer

GPO Password Policy Only Partially Applied

We are trying to modify our existing password policy that is being applied via GPO. For some reason it is not applying any of the settings in the password policy section (Comp Config > Policies > Windows settings > Security Settings > Account…
yougotiger
  • 273
  • 3
  • 15
2
votes
1 answer

how to set pwdMaxAge for a single user in OpenLdap

If I do this, it is applicable to all users. ldapadd -v -H "ldaps://hostName/" -x -W -D cn=admin,dc=mydomain,dc=com -f pwdMaxAge.ldif dn: cn=passwordDefault,ou=Policies,dc=mydomain,dc=com changetype: modify replace: pwdMaxAge pwdMaxAge:…
james
  • 33
  • 4
2
votes
0 answers

Windows Domain Password Policy Issue

I just discovered something odd happening with a password policy in one of the Windows Server 2012 R2 environments we manage, and we have had no luck finding any information to explain the behavior. The password policy has a minimum password length…
Jesse P.
  • 201
  • 2
  • 6
2
votes
2 answers

How to use PAM to manage lockout policy for ssh public key authentication methods

I have followed instructions on redhat on how to harden authentication on a linux server, but we only use SSH with public key auth. According to these…
alexfvolk
  • 164
  • 1
  • 9
2
votes
1 answer

Openldap setting up olcOverlay: ppolicy

Question: Why am I failing to add the objectclass pwdPolicy to cn=PasswordDefaults? Background Information I am new to LDAP and I'm stumbling through various tutorials and other tips online to create a directory that will handle user information…
hededo
  • 55
  • 2
  • 8
2
votes
1 answer

OpenLDAP password policy for a group

Just wondering if OpenLDAP is able to assign a password policy to a specific group? Thanks
Ke Wang
  • 23
  • 2
2
votes
2 answers

Force user to change AD password at logon before Explorer loads?

Background: In our environment, users log onto a Windows 7 PC and then launch a full-screen Citrix XenApp (same as Microsoft RDSH) desktop. Citrix Reciever with single-sign on is used to launch the XenApp desktop. All work is done within the XenApp…
AdamR
  • 51
  • 5
2
votes
1 answer

Reversible Encryption - Not Defined but Showing as Enabled?

I'm reviewing our complex password policy that was setup by a previous admin and I'm trying to gain some clarification on the setting for Reversible Encryption. In our organization, reversible encryption is not needed and should be disabled. When I…
Dave
  • 23
  • 3
2
votes
1 answer

Find current password complexity requirements on domain

I simply need to know what my network's password complexity requirements are at this time. I believe we had competing group policies in place (trying to clean up that mess) and I want to see which policy's setting is being used. This topic on…
Shrout1
  • 343
  • 2
  • 6
  • 18
2
votes
3 answers

User unable to change password - Active Directory Group Policy

I've seen this issue come up, but no answers seem to be applicable. When a user tries to change their password using control-alt-delete -> change password, they're getting a "Unable to update the password. The value provided for the new password…
newevox
  • 21
  • 1
  • 2
1
2
3 4 5