Univention Bugzilla – Bug 49551
Self services doesn't respect changes to default password policy
Last modified: 2019-07-25 18:23:03 CEST
Steps to reproduce: 1. Change default password policy to 16 characters 2. Try to set password with less than 16 characters via Self Service 3. Try to set password with less than 8 characters via Self Service Expectation: Passwords with less than 16 characters can't be set Passwords with less than 8 characters can't be set Reality: Passwords with less than 16 characters can be set Passwords with less than 8 characters can't be set
It seems the problem were missing password requirement settings for samba. Samba does not regard the password policies but has its own settings. This does also affect other password change services like passwd. I opened a new bug to document this behaviour better (bug 49656). *** This bug has been marked as a duplicate of bug 49656 ***
> Samba does not regard the password policies but has its own settings. Rather, Active Directory has it's own two types of Password Settings that are not synchronized with the UDM Password Policies. 1. Domain Password Settings - Synchronized by S4-Connector with UDM object settings/sambadomain. 2. Fine Grained Password Policies (FGPP) / Password Settings Objects (PSO) - Not synchronitzed with UDM Password Policies.
See also Bug #35809