[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: RHEL7 OpenLDAP server is not enforcing password expirations

To: openldap-technical@openldap.org
Subject: Re: RHEL7 OpenLDAP server is not enforcing password expirations
From: Abdelhamid Meddeb <abdelhamid@meddeb.net>
Date: Sat, 29 Aug 2015 08:57:37 +0200
Dkim-signature: v=1; a=rsa-sha256; c=simple/simple; d=meddeb.net; s=20140924; h=from:subject:date:message-id:to:mime-version:content-type:in-reply-to: references; bh=PYO2/KyMoBCYF+Kl/rcMAl9GbiEoccYaMK1K890BmLs=; b=lLTJWSUDMpGYN+9jJkGfwXe/QrnLKIM+FSzSuvwH20EJWlvYKdlwN9P9fbUTvRH8YgDe17cQaycHJ 45Ro5byRmvT7zMeLpz7X364aHsmi0ZL9BPZdlXwSILXZlGTCp2Y/+zcvmzEV3EpnqT3p8pKMF2G8xe jKKLkmok20Cpi3Bw=
In-reply-to: <D204BC1F.D648%Elizabeth.Real@jpl.nasa.gov>
References: <D204BC1F.D648%Elizabeth.Real@jpl.nasa.gov>
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.8.0

Hi,

No one.

If password expire in openldap server, the client (whatever is it) bind*fail*. Thats all.


Cheers.

Le 28/08/2015 00:56, Real, Elizabeth (392K) a écrit :

Hello,

I’ve done a lot or research and re-read the OpenLDAP configuration
guides but I cannot get my OpenLDAP 2.39 server to not allow users with
expired passwords to login to ldap enabled clients. What directive in
the /etc/pam.d/ files controls the users password expiration attribute?
pam_unix or pam_ldap?



--
*Abdelhamid Meddeb*
http://www.meddeb.net

Attachment: smime.p7s
Description: Signature cryptographique S/MIME

References:
- RHEL7 OpenLDAP server is not enforcing password expirations
  - From: "Real, Elizabeth (392K)" <Elizabeth.Real@jpl.nasa.gov>

Prev by Date: Re: 2.4.17 -> 2.4.39 replication: null callback : error code 0x10
Next by Date: Re: ppolicy and pwdGraceUseTime
Index(es):
- Chronological
- Thread