[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Ppolicy DIGEST-MD5 ignore expired password

To: Jiri Netolicky <netolish@gmail.com>
Subject: Re: Ppolicy DIGEST-MD5 ignore expired password
From: Howard Chu <hyc@symas.com>
Date: Wed, 25 Apr 2007 08:17:29 -0700
Cc: openldap-software@openldap.org
In-reply-to: <3e2aaaf50704250726p2fe39fc6o37c3d3622147b05a@mail.gmail.com>
References: <3e2aaaf50704250726p2fe39fc6o37c3d3622147b05a@mail.gmail.com>
User-agent: Mozilla/5.0 (X11; U; Linux i686; rv:1.9a4pre) Gecko/20070409 SeaMonkey/1.5a

Jiri Netolicky wrote:

Have a nice day.

I have to implement password policy in our OpenLdap. During testing futures
of ppolicy module I found that they ignore expired password when I authenticate
user by SASL DIGEST-MD5.
When I try on exprired account:

Correct. Password policies as currently defined in LDAP only affect Simple Binds.

--
  -- Howard Chu
  Chief Architect, Symas Corp.  http://www.symas.com
  Director, Highland Sun        http://highlandsun.com/hyc/
  Chief Architect, OpenLDAP     http://www.openldap.org/project/

Follow-Ups:
- Re: Ppolicy DIGEST-MD5 ignore expired password
  - From: "Jiri Netolicky" <netolish@gmail.com>

References:
- Ppolicy DIGEST-MD5 ignore expired password
  - From: "Jiri Netolicky" <netolish@gmail.com>

Prev by Date: Ppolicy DIGEST-MD5 ignore expired password
Next by Date: Re: slapd becoming mysteriously slow
Index(es):
- Chronological
- Thread