Bug 1332710
Summary: | password history is not updated when an admin resets the password | |||
---|---|---|---|---|
Product: | Red Hat Enterprise Linux 6 | Reporter: | Noriko Hosoi <nhosoi> | |
Component: | 389-ds-base | Assignee: | Noriko Hosoi <nhosoi> | |
Status: | CLOSED ERRATA | QA Contact: | Viktor Ashirov <vashirov> | |
Severity: | urgent | Docs Contact: | ||
Priority: | urgent | |||
Version: | 6.0 | CC: | amsharma, arubin, ekeck, nkinder, pbokoc, rmeggins | |
Target Milestone: | rc | Keywords: | ZStream | |
Target Release: | --- | |||
Hardware: | Unspecified | |||
OS: | Unspecified | |||
Whiteboard: | ||||
Fixed In Version: | 389-ds-base-1.2.11.15-82.el6 | Doc Type: | Bug Fix | |
Doc Text: |
When a user password was reset by an administrator, the old password was previously not stored in the user's password history. This allowed the user to reuse the same password after the reset. With this update, resetting a password also stores it in password history, and the user must use a different password.
|
Story Points: | --- | |
Clone Of: | ||||
: | 1342614 (view as bug list) | Environment: | ||
Last Closed: | 2017-03-21 10:21:39 UTC | Type: | --- | |
Regression: | --- | Mount Type: | --- | |
Documentation: | --- | CRM: | ||
Verified Versions: | Category: | --- | ||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
Cloudforms Team: | --- | Target Upstream Version: | ||
Embargoed: | ||||
Bug Depends On: | ||||
Bug Blocks: | 1342614 |
Description
Noriko Hosoi
2016-05-03 21:07:29 UTC
Justification: From the security perspective, password reset must strictly follow the password policy. Executed upstream test :: ========================= test session starts platform linux2 -- Python 2.7.8, pytest-3.0.4, py-1.4.31, pluggy-0.4.0 -- /opt/rh/python27/root/usr/bin/python cachedir: .cache DS build: 1.2.11.15 B2016.312.1950 389-ds-base: 1.2.11.15-85.el6 nss: 3.27.1-7.el6 nspr: 4.13.1-1.el6 openldap: 2.4.40-14.el6 svrcore: 4.0.4-5.1.el6 rootdir: /export/tests, inifile: plugins: html-1.11.0, cov-2.4.0, beakerlib-0.6 collected 1 items suites/password/pwp_history_test.py::test_pwp_history_test PASSED === 1 passed in 38.93 seconds Marking bug as verified. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://rhn.redhat.com/errata/RHBA-2017-0667.html |