Bug 49551 – Self services doesn't respect changes to default password policy

Bug 49551 - Self services doesn't respect changes to default password policy


Summary:	Self services doesn't respect changes to default password policy

Status:	RESOLVED DUPLICATE of bug 49656

Product:	UCS
Classification:	Unclassified
Component:	Self Service
Version:	UCS 4.4
Hardware:	Other Linux

Importance:	P5 normal (vote)
Target Milestone:	---
Assigned To:	UMC maintainers
QA Contact:	UMC maintainers

URL:
Keywords:

Depends on:
Blocks:
	Show dependency tree / graph

Reported:	2019-05-24 16:04 CEST by Valentin Heidelberger
Modified:	2019-07-25 18:23 CEST (History)
CC List:	5 users (show)

See Also:	49346 35809
What kind of report is it?:	Bug Report
What type of bug is this?:	5: Major Usability: Impairs usability in key scenarios
Who will be affected by this bug?:	3: Will affect average number of installed domains
How will those affected feel about the bug?:	4: A User would return the product
User Pain:	0.343
Enterprise Customer affected?:	Yes
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Valentin Heidelberger

2019-05-24 16:04:29 CEST

Steps to reproduce:
1. Change default password policy to 16 characters 
2. Try to set password with less than 16 characters via Self Service
3. Try to set password with less than 8 characters via Self Service

Expectation:
Passwords with less than 16 characters can't be set
Passwords with less than 8 characters can't be set

Reality:
Passwords with less than 16 characters can be set
Passwords with less than 8 characters can't be set

Comment 2 Jürn Brodersen

2019-06-14 17:00:41 CEST

It seems the problem were missing password requirement settings for samba.
Samba does not regard the password policies but has its own settings.
This does also affect other password change services like passwd.

I opened a new bug to document this behaviour better (bug 49656).

*** This bug has been marked as a duplicate of bug 49656 ***

Comment 3 Arvid Requate

2019-06-17 13:43:32 CEST

> Samba does not regard the password policies but has its own settings.


Rather, Active Directory has it's own two types of Password Settings that are not synchronized with the UDM Password Policies.

1. Domain Password Settings - Synchronized by S4-Connector with UDM object settings/sambadomain.

2. Fine Grained Password Policies (FGPP) / Password Settings Objects (PSO) - Not synchronitzed with UDM Password Policies.

Comment 4 Florian Best

2019-07-25 18:23:03 CEST

See also Bug #35809