# SSHA, SSHA256, SSHA384, SSHA512
# SHA, SHA256, SHA384, SHA512
# SMD5
# MD5
# CRYPT
# clear (the default)
# auto (will check the hash of current password)
# This option is not used with ad_mode = true
$hash = "clear"; //启用密码加密算法,此选项在Active Directory模式下被忽略。
# Prefix to use for salt with CRYPT
$hash_options['crypt_salt_prefix'] = "$6$";
$hash_options['crypt_salt_length'] = "6";
# Local password policy
# This is applied before directory password policy
# Minimal length
$pwd_min_length = 6; //定义最短密码位数
# Maximal length
$pwd_max_length = 14; //定义最长密码位数
# Minimal lower characters
$pwd_min_lower = 0; //定义密码应包含多少位小写字母
# Minimal upper characters
$pwd_min_upper = 0; //定义密码应包含多少位大写字母
# Minimal digit characters
$pwd_min_digit = 0; //定义密码应包含多少位数字
# Minimal special characters
$pwd_min_special = 0; //定义密码应包含多少位特殊字符
# Definition of special characters
$pwd_special_chars = "^a-zA-Z0-9"; //定义密码正则表达式
# Forbidden characters
#$pwd_forbidden_chars = "@%"; //定义密码禁止的特殊字符
# Don't reuse the same password as currently
$pwd_no_reuse = true; //是否禁止使用重复密码
# Check that password is different than login
$pwd_diff_login = true; //检查密码是否与登录密码不同
# Complexity: number of different class of character required
$pwd_complexity = 3; //定义密码应包含多少种组合
# use pwnedpasswords api v2 to securely check if the password has been on a leak
$use_pwnedpasswords = false; //检查密码是否已在https://haveibeenpwned.com数据库中泄露
# Show policy constraints message:
# always
# never
# onerror
$pwd_show_policy = "always"; //是否显示密码更改策略
# Position of password policy constraints message:
# above - the form
# below - the form
$pwd_show_policy_pos = "above"; //定义密码更改策略显示位置
# Who changes the password?
# Also applicable for question/answer save
# user: the user itself
# manager: the above binddn
$who_change_password = "manager"; //定义使用什么账户来修改密码,如选用manager请确保binddn用户有修改用户密码的权限(建议域管理员身份)
## Standard change
# Use standard change form?
$use_change = true; //启用密码更改功能
## SSH Key Change
# Allow changing of sshPublicKey?
$change_sshkey = false;
# What attribute should be changed by the changesshkey action?
$change_sshkey_attribute = "sshPublicKey";
# Who changes the sshPublicKey attribute?
# Also applicable for question/answer save
# user: the user itself
# manager: the above binddn
$who_change_sshkey = "user";
# Notify users anytime their sshPublicKey is changed
## Requires mail configuration below
$notify_on_sshkey_change = false;
## Questions/answers
# Use questions/answers?
# true (default)
# false
$use_questions = true; //启用问题答案修改密码功能
# Answer attribute should be hidden to users!
$answer_objectClass = "user"; //如果$answer_attribute属性不是在标准用户对象类,配置对象类与此属性的使用方法,在Active Directory中,extensibleObject的是不知道。您可以使用user,
$answer_attribute = "info"; //LDAP用户存储问题密码字段,属性名称必须是小写
# Crypt answers inside the directory
$crypt_answers = false; //是否加密问题答案
# Extra questions (built-in questions are in lang/$lang.inc.php)
#$messages['questions']['ice'] = "What is your favorite ice cream flavor?";
$messages['questions']['Q3'] = "你少年时代最好的朋友叫什么名字?"; //额外的问题
$messages['questions']['Q4'] = "你的第一个宠物叫什么名字?";
$messages['questions']['Q5'] = " |