Reputation: 313
OpenDJ password policy attribute that control user name does not include in the password
My application authenticate users via OpenDJ server. Application does not allows add user name with some other combination as a password. For example if user name is test, OpenDj does not allows to change the password as 1test. Can some tell me what is the (password policy) attribute that that control this behavior?
or is it default password policy?
Upvotes: 0
Views: 538
Answers (1)
Reputation: 313
Finally, I was able to figured out the attribute that cause for this issue. it is check-substrings attribute in the Attribute Value node under Password Validators in the configuration (cn=Attribute Value,cn=Password Validators,cn=config). Once we set this value to true, it checks whether full or portion of user name contains in the password and does not allows user to change password.
https://forgerock.org/opendj/doc/configref/attribute-value-password-validator.html
Upvotes: 1
Related Questions
- Java LDAP authentication with username
- How to disable the property of password-generator in OpenDJ
- opendj: is it possible to use subentry based password policy for pass-through?
- OpenDJ verify user's password option?
- java authentication on OpenLDAP without OU in base gives invalid credentials
- How to read LDAP password policy in Java
- JAVA - Active directory and ldap password properties
- Ldap password policy not throwing different errors
- Default Password for Generated Users in OpenDJ
- JAAS with LDAP password policy