Discussion:
[SOGo] How to setup password policy in SOGo?
s***@gmail.com
2015-08-10 05:34:15 UTC
Permalink
Hi

SOGo allows users to change their password and I like that because users can
change their password without calling IT department.
The problem comes when users set a too easy password because server security
can be exposed.
Is it possible setting up a password policy in SOGo to avoid users could set a
too easy password?
Is there any option to review periodically password complexity/length ?
Thanks in advance!!
--
***@sogo.nu
https://inverse.ca/sogo/lists
Christian Mack
2015-08-10 13:07:57 UTC
Permalink
Hello
Post by s***@gmail.com
SOGo allows users to change their password and I like that because users can
change their password without calling IT department.
The problem comes when users set a too easy password because server security
can be exposed.
Is it possible setting up a password policy in SOGo to avoid users could set a
too easy password?
Is there any option to review periodically password complexity/length ?
No, there is no such function in SOGo.

But SOGo respects AD or LDAP password policies.
If you use a database as authentication source, you are on your own.

For OpenLDAP you need the ppolicy module.


Kind regards,
Christian Mack
--
Christian Mack
Universität Konstanz
Kommunikations-, Informations-, Medienzentrum (KIM)
Abteilung Basisdienste
78457 Konstanz
+49 7531 88-4416
Federico Alberto Sayd
2015-08-10 15:56:08 UTC
Permalink
Post by Christian Mack
Hello
Post by s***@gmail.com
SOGo allows users to change their password and I like that because users can
change their password without calling IT department.
The problem comes when users set a too easy password because server security
can be exposed.
Is it possible setting up a password policy in SOGo to avoid users could set a
too easy password?
Is there any option to review periodically password complexity/length ?
No, there is no such function in SOGo.
But SOGo respects AD or LDAP password policies.
If you use a database as authentication source, you are on your own.
For OpenLDAP you need the ppolicy module.
Kind regards,
Christian Mack
I have tried OpenLdap with ppolicy overlay but I get the following error
in sogo.log:

Jul 31 12:57:25 sogod [18881]: <0x0xb83f50a8[NGLdapConnection]> change
password - ldap_find_control call failed

The only info that I have found is this list message:

https://www.mail-archive.com/***@sogo.nu/msg00227.html

But I don't think that it applies because my OpenLdap server is >
2.4.17. Do I still need to recompile sope49-ldap package against my
openldap libs?

S.O: Debian Wheezy 7.8
SOGo: 2.3.1
Openldap: 2.4.31
--
***@sogo.nu
https://inverse.ca/sogo/lists
Loading...