Password policy ignored?

NethServer Version: 7.9.2009

I use an integrated Active Directory Account Provider. I disabled the policy for strong passwords

If I want to change a password with the user-settings page, I am only allowed to use a strong password, that fulfills the policy:

The save-button remains disabled. Can you advise?


I can confirm that disabling strong passwords doesn’t work for the user settings page so I think you found a bug.


a valid bug, I am on it


I think we have two bugs here

  • we do not honor the password strength none ($passwordstrength{Users} = none) in the settings page of cockpit when a user is not root like we can read above. In clear when password strength is set to none then the save button is still disabled until we match the strength of a strong password

  • When the password strength is set to none ($passwordstrength{Users} = none) in the user list page of cockpit , and you want to change the password of a user, the change button is blue and not disabled.
    It should be disabled first, then if the password are > 7 characters and equal, then it should become from gray (disabled) to blue (allowed).
    In fact we just return passwordStrength true or false (equal must be true to get passwordStrength true), we should return passwordStrength true/false and equal true/false to enable or disable the save button.
    Obviously this affects the user list and the settings/user_settings page of cockpit I do not know if it is really a bug or a new feature request, the aim is to enable the save/change button only if the password maths the two fields when password strength is set to none ($passwordstrength{Users} = none) .

cc @giacomo


The package is ready for testing:

@luxonion would you like to give it a try?

1 Like


1 Like