LDAP : disable password quality check

hi, i installed and LDAP domain into a school.

Students and Teachers are supposed to change their password on first login, and i found the way to do that…

i have one main problem, LDAP wont allow to use an easy password.
10 years old kids can’t and wont remember a long alphanumeric password.
how can i do that? The only thing i want is to have is a 4 digits long password.

here my steps:

yast2 ldap-server → databases → dc=qsilocal,dc=org (hdb) → Password Policy Configuration

than i selected:

Enable Password Policies
Disclose “Account Locked” status
Default Policy Object DN: cn=Default Policy (Append Base DN)

than i seleced
Edit Policy

so continuing…

Maximum Number of Passwords Stored in History = 0

than i checked

User Must Change Password After Reset
User Can Change Password

into “Password Quality Checking” i check “No Checking”

if i go into “ldap-browser” i get:

Attribute │Value
cn │Default Policy
objectClass │namedObject,pwdPolicy
pwdAttribute │userPassword
pwdCheckQuality │0
pwdExpireWarning │1296000
pwdMaxAge │7776000
pwdMinLength │4
pwdMustChange │TRUE
pwdSafeModify │FALSE

so… what’s wrong here?

Try modifying it using yast>network services>ldap client
Go to the advanced>Admin>user management and choose userconfig.
Just set the min and max lengths and it should work fine.
Disable the Policy check for the ldap server settings.
This should give you what you need.

i did , but it still want a strong password.

i also tried to remove the default password policy, but doing that i’m no more able to reset the password and make the user able to choose his own one.