[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Defining a password attributetype
On Friday, 3 September 2010 19:26:05 Michael Ströder wrote:
> IMO that's bad practice. When doing a password reset you should set a
> random value in userPassword together with password expiration attribute
> (slapo-ppolicy).
IMHO, the correct attribute to set would have been pwdReset, but unfortunately
there is no way to enforce users to reset their passwords in applications that
don't support ppolicy (as users won't get locked out if they just keep using
the temporary password).
I think I sent feedback to Howard on the new ppolicy draft about this ...
Regards,
Buchan