[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Tips when implementing password policies
On Wednesday, 24 March 2010 03:37:15 Chris Jacobs wrote:
> Okay, it says:
> "If pwdChangedTime does not exist, the user's password will not expire."
>
> How have you guys dealt with this?
Just reset the passwords the current values, with something along the lines
of:
ldapsearch -x -D $rootdn -W -L "(&(objectclass=posixAccount)(!
(pwdChangedTime=*)))" userPassword|ldapmodify
> I suspect that just asking people to
> please change their passwords so we can make sure they expire will result
> in a low turn-out rate. :p
Depending on how your users access the directory, setting pwdReset to TRUE may
be an alternative.
Regards,
Buchan