Password Length issue with LDAP Integration
Hi, I am testing LDAP integration with RHL Enterprise 4.0 and 9.0 with Active Directory (AD) on Windows Server 2003 using Services For Unix 3.5
I modified both the /etc/ldap.conf and /etc/nsswitch.conf file along with the /etc/pam.d/system-auth using authconfig.
The authentication from AD works to a certain extent. If a password is reset in AD only the first 8 characters are carrying over to RHL. For instance if I have user1 and his password is 'Password1" it is only looking at 'Password' and letting the user authenticate. This is happening on both Enterprise 4.0 and the earlier version of 9.0
I only did the LDAP portion and not Kerberos. My basic problem is that authentication is working, but it only looks at the first 8 characters in the password from AD and if those are correct it allows the user in.
Has anyone encountered this behavior before and would you have any suggestions on how to fix it? Does Kerberos have to be implemented for the password characters to all carry over? Any help would be greatly appreciated.