[Apologize for my English]



I’m trying to set up a password policy for my users. Especially, I set a password history value of 6.


In case of a password recovery process, I want to give to the administrator to restore the password to a default value which is equally the value used for the account creation. The problem at this time is obvious: the password change is refused since the default password is already in the history. Is there any way to force the password restauration?


Furthermore, I have some questions with about the way password history is working.

I can see through 389-console that users have a multi-valued attributes passwordhistory. However I’m unable to get it with a command line ldapsearch request. How can I obtain this password history list?

Maybe for the same reason, if I delete the passwordhistory attribute and try to restore the password to its initial value, I always obtain an exception due to the presence of the password in the history.


Those points are not clearly referenced in the documentation. Thanks a lot for your help.





Alexandre MAZIER

Parc Technologique de la Toison d'Or
19 rue Louis de Broglie BP 56507
21065 DIJON Cedex
Tél : 03 80 28 46 46
Fax : 03 80 28 46 01


P Avant d'imprimer cet e-mail, si nous réfléchissions à l'impact sur l'environnement ?

Les données et renseignements contenus dans ce message sont personnels, confidentiels et secrets. Si vous n'êtes pas destinataire de ce message, merci de le détruire immédiatement et d'avertir l'expéditeur. Le GIP CPAGE décline toute responsabilité au titre de ce message s'il a été altéré, déformé ou falsifié.

The information contained in this message is privileged, confidential, and protected from disclosure. If you are not intended addressee of this message, please cancel it immediately and inform the sender. GIP CPAGE shall not be liable for the message if altered, changed or falsified.