[OPENDJ-1610] Original password is not put in password history when password is reset without specifying the new password Created: 27/Oct/14  Updated: 08/Nov/19  Resolved: 05/Dec/15

Status: Done
Project: OpenDJ
Component/s: security
Affects Version/s: 2.4.6
Fix Version/s: 3.0.0, 2.8.0, 2.6.3

Type: Bug Priority: Major
Reporter: li run [X] (Inactive) Assignee: Ludovic Poitou
Resolution: Fixed Votes: 0
Labels: Verified, release-notes

QA Assignee: Ondrej Fuchsik


In the password policy, I have a password generator for the account, and also I set the ds-cfg-password-history-count = 5 to keep five used passwords.

And then I use the ldappasswordmodify command to reset the password of the account without the new password, but relying on the password generator. for example:

./ldappasswordmodify --hostname localhost --port 24389 --bindDN "cn=Root, ou=Accounts, ou=System, dc=test.com" --bindPassword "test,111" --authzID "u:aaa@test"

After this code executed, I can have the new generated password generated, but the problem is, the original password is not put into the password history.

Comment by Ludovic Poitou [ 17/Mar/15 ]

Fixed. Unit test added, and the whole test suite was cleanup.

Comment by Ondrej Fuchsik [ 24/Mar/15 ]

Reproduced with version OpenDJ 2.4.6 .
Verified the fix with:

OpenDJ 3.0.0

Build 20150324011059

  Name Build number Revision number
Extension: snmp-mib2605 3.0.0 11960
OpenDJ 2.6.3

Build 20150317172816Z

  Name Build number Revision number
Extension: snmp-mib2605 2.6.3 11937
Comment by Matthew Swift [ 06/May/15 ]

Tagged for bulk CLOSE after update.

Comment by Ludovic Poitou [ 22/Jul/15 ]

Added release-notes label

Comment by Mark Craig [ 05/Dec/15 ]

Reopening for editorial change to description

Generated at Sat Oct 31 01:43:13 UTC 2020 using Jira 7.13.12#713012-sha1:6e07c38070d5191bbf7353952ed38f111754533a.