Re: LDAP password question - VMS

This is a discussion on Re: LDAP password question - VMS ; >In the pmdf_table:security.cnf we have: > >[RULESET=default] >ENABLE=SYSTEM/PLAIN,LOGIN/* You have not listed LDAP as an authentication source in this ENABLE option, so PMDF is not checking for the username/password in LDAP. Since you only have SYSTEM listed as an authentication ...

+ Reply to Thread
Results 1 to 3 of 3

Thread: Re: LDAP password question

  1. Re: LDAP password question

    >In the pmdf_table:security.cnf we have:
    >
    >[RULESET=default]
    >ENABLE=SYSTEM/PLAIN,LOGIN/*


    You have not listed LDAP as an authentication source in this ENABLE option, so
    PMDF is not checking for the username/password in LDAP. Since you only have
    SYSTEM listed as an authentication source (LOGIN points to SYSTEM), PMDF is
    only using the VMS SYSUAF to verify the username/password. (If there is some
    way to configure VMS itself to check LDAP when the SYSUAF is queried, and you
    have configured that, then it is VMS doing that, not PMDF.)


    >If you change the password in the OpenVMS system password (sysuaf),
    >the password now is case sensitive.


    I don't know if this is what you are seeing, but in VMS 8.3, there is an
    available flag in SYSUAF called PWDMIX which enables case-sensitive passwords.
    (See help in authorize for more information.)


  2. Re: LDAP password question

    PWDMIX is also available in 7.3-2 after applying some patch (exactly
    which patch escapes my memory at the moment).

    - ken

    Valerie Miller wrote:
    >> In the pmdf_table:security.cnf we have:
    >>
    >> [RULESET=default]
    >> ENABLE=SYSTEM/PLAIN,LOGIN/*

    >
    > You have not listed LDAP as an authentication source in this ENABLE
    > option, so
    > PMDF is not checking for the username/password in LDAP. Since you only
    > have
    > SYSTEM listed as an authentication source (LOGIN points to SYSTEM),
    > PMDF is
    > only using the VMS SYSUAF to verify the username/password. (If there
    > is some
    > way to configure VMS itself to check LDAP when the SYSUAF is queried,
    > and you
    > have configured that, then it is VMS doing that, not PMDF.)
    >
    >
    >> If you change the password in the OpenVMS system password (sysuaf),
    >> the password now is case sensitive.

    >
    > I don't know if this is what you are seeing, but in VMS 8.3, there is an
    > available flag in SYSUAF called PWDMIX which enables case-sensitive
    > passwords.
    > (See help in authorize for more information.)
    >


    --
    - Ken
    ================================================== ===============
    Ken Connelly Associate Director, Security and Systems
    ITS Network Services University of Northern Iowa
    email: Ken.Connelly@uni.edu p: (319) 273-5850 f: (319) 273-7373


  3. Re: LDAP password question

    Hello,

    Thanks for your help!
    I was confused because without PWDMIX flag, the telnet connection is
    Case sensitive.

    Regards,
    ------------------------------------------
    Ramon Frontera Gallardo
    Centre de Tecnologies de la Informació
    Universitat de les Illes Balears
    Ctra.. Valldemossa km 7,5
    07122 Palma de Mallorca
    E-mail: Ramon.frontera@uib.es
    ------------------------------------------







    El 10/10/2008, a las 20:17, Ken Connelly escribió:


    > PWDMIX is also available in 7.3-2 after applying some patch (exactly
    > which patch escapes my memory at the moment).
    >
    > - ken
    >
    > Valerie Miller wrote:

    >>> In the pmdf_table:security..cnf we have:
    >>>
    >>> [RULESET=default]
    >>> ENABLE=SYSTEM/PLAIN,LOGIN/*

    >>
    >> You have not listed LDAP as an authentication source in this ENABLE
    >> option, so
    >> PMDF is not checking for the username/password in LDAP. Since you
    >> only have
    >> SYSTEM listed as an authentication source (LOGIN points to SYSTEM),
    >> PMDF is
    >> only using the VMS SYSUAF to verify the username/password. (If
    >> there is some
    >> way to configure VMS itself to check LDAP when the SYSUAF is
    >> queried, and you
    >> have configured that, then it is VMS doing that, not PMDF.)
    >>
    >>

    >>> If you change thepassword in the OpenVMS system password (sysuaf),
    >>> the password now is case sensitive.

    >>
    >> I don't know if this is what you are seeing, but in VMS 8.3, there
    >> is an
    >> available flag in SYSUAF called PWDMIX which enables case-sensitive
    >> passwords.
    >> (See help in authorize for more information.)
    >>

    >
    > --
    > - Ken
    > ================================================== ===============
    > Ken Connelly Associate Director, Security and Systems
    > ITS Network Services University of Northern Iowa
    > email: Ken.Connelly@uni.edu p: (319) 273-5850 f: (319) 273-7373
    >



+ Reply to Thread