[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Updating ShadowLastChange with slurpd

To: Brian <brianb@sboss.com>
Subject: Re: Updating ShadowLastChange with slurpd
From: Adam Williams <adam@morrison-ind.com>
Date: Thu, 27 Nov 2003 20:47:29 -0500
Cc: "OpenLDAP.org" <openldap-software@OpenLDAP.org>
In-reply-to: <55124.204.95.150.10.1069366327.squirrel@secure.sboss.net>
References: <55124.204.95.150.10.1069366327.squirrel@secure.sboss.net>

> I have forced password expiration on first login by setting
> ShadowLastChange to 0.
> If a user logs in for the first time to any LDAP client machine or to the
> master itself, they're prompted to change their password immediately and
> the password gets updated immediately.

There was a bug in PAM/NSS LDAP where the shadow attributes were
attempted on a seperate anonymous bind, rather than the authenticated
bind.  This was fixed awhile ago, but what is you version of PAM/NSS?

References:
- Updating ShadowLastChange with slurpd
  - From: "Brian" <brianb@sboss.com>

Prev by Date: Re: openldap 2.0 and openldap 2.1
Next by Date: LDAPMessage def
Index(es):
- Chronological
- Thread