Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Can I force user password changes via confluence to OpenLDAP to bind as the user

Dexter AWS
Dexter AWS June 12, 2015

I have a confluence server that authenticates against an OpenLDAP server.  This is working fine, it obeys the groups, obeys the users, lets users change their password, etc.

This is also where the problem comes in, when changing passwords it doesn't seem to be behaving the same way a ldappasswd command would, it is allowing users to override the password policy for instance (length, complexity).  Those are being enforced when I run ldappasswd or passwd on a general linux machine.  

I assume this is happening because the query is being executed as the bind user, which has access to change the userPassword field without going through the pwpolicy module.

Is there a way to have Confluence bind as the user vs the binddn for password changes?  That should fix that problem.

Answer
Watch
Like Be the first to like this
232 views

1 answer

0 votes
Boris Berenberg
Boris Berenberg
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
June 12, 2015

I don't think that this is currently possible. The simplest workaround would be to use a bind user that can not bypass the pwpolicy module. Long term, it may be best to file a suggestion against Confluence and Crowd for this.

Reply

Suggest an answer

Log in or Sign up to answer
Confluence
Confluence
TAGS
AUG Leaders

Atlassian Community Events

    See all events