sources/ldap: improve ms-ad password complexity checking
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
parent
602aed674b
commit
affafc31cf
|
@ -105,15 +105,17 @@ class LDAPPasswordChanger:
|
||||||
if len(user_attributes["sAMAccountName"]) >= 3:
|
if len(user_attributes["sAMAccountName"]) >= 3:
|
||||||
if password.lower() in user_attributes["sAMAccountName"].lower():
|
if password.lower() in user_attributes["sAMAccountName"].lower():
|
||||||
return False
|
return False
|
||||||
display_name_tokens = split(
|
# No display name set, can't check any further
|
||||||
RE_DISPLAYNAME_SEPARATORS, user_attributes["displayName"]
|
if len(user_attributes["displayName"]) < 1:
|
||||||
)
|
return True
|
||||||
for token in display_name_tokens:
|
for display_name in user_attributes["displayName"]:
|
||||||
# Ignore tokens under 3 chars
|
display_name_tokens = split(RE_DISPLAYNAME_SEPARATORS, display_name)
|
||||||
if len(token) < 3:
|
for token in display_name_tokens:
|
||||||
continue
|
# Ignore tokens under 3 chars
|
||||||
if token.lower() in password.lower():
|
if len(token) < 3:
|
||||||
return False
|
continue
|
||||||
|
if token.lower() in password.lower():
|
||||||
|
return False
|
||||||
return True
|
return True
|
||||||
|
|
||||||
def ad_password_complexity(
|
def ad_password_complexity(
|
||||||
|
|
Reference in New Issue