Hello,
I’ve done a lot or research and re-read the OpenLDAP configuration guides but I cannot get my OpenLDAP 2.39 server to not allow users with expired passwords to login to ldap enabled clients. What directive in the /etc/pam.d/ files controls the users password
expiration attribute? pam_unix or pam_ldap?
Setup:
Server: RHEL7 OS
Software: OpenLdap 2.4.39 server using slapd service
Client: RHEL7 OS
Software: enabled Ldap via authconfig, using sssd service
Thank you, Liz |