Use the dsconfig
tool to configure, update, and test the Unique
Characters Password Validator.
-
To edit the existing default configuration, run the dsconfig
tool.
In this example, we set the minimum number of unique characters that a password is allowed to contain to 3.
$ bin/dsconfig set-password-validator-prop \ --validator-name "Similarity-Based" --set min-unique-characters:3
-
Update an existing password policy to use the Unique Characters Password
Validator.
$ bin/dsconfig set-password-policy-prop \ --policy-name "Default Password Policy" \ --set "password-validator:Unique Characters"
-
Test the Unique Characters Password Validator by submitting a password that has
fewer than the minimum number of unique characters, such as 3.
$ bin/ldappasswordmodify \ --authzID "uid=user.0,ou=People,dc=example,dc=com" \ --newPassword aaaaa
The LDAP password modify operation failed with result code 53 Error Message: The provided new password failed the validation checks defined in the server: The provided password does not contain enough unique characters. The minimum number of unique characters that may appear in a user password is 3