[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Expired password notification
Michael Ströder wrote:
> Andris Eiduks wrote:
>>
>> ldapsearch with option "-e ppolicy" shows info about necessary
>> password change.
>>
>> Is possible to get the same info by BIND operation performing from
>> other systems side again OpenLDAP?
>> Or we must create special functions in application for user attributes
>> checking (pwdChangedTime, pwdGraceUseTime) and notification generation ?
>
> The client applications have to support this as well by using the
> password policy extended control with the bind request. Basically that's
> what ldapsearch is doing when you use it with "-e ppolicy".
>
> See also doc/drafts/draft-behera-ldap-password-policy-xx.txt in
> OpenLDAP's source distribution.
>
> Another approach could be to inform users via e-mail.
But what if users don't read emails until password expiration?
p.
Ing. Pierangelo Masarati
OpenLDAP Core Team
SysNet s.r.l.
via Dossi, 8 - 27100 Pavia - ITALIA
http://www.sys-net.it
---------------------------------------
Office: +39 02 23998309
Mobile: +39 333 4963172
Email: pierangelo.masarati@sys-net.it
---------------------------------------