[Date Prev][Date Next] [Chronological] [Thread] [Top]

LDAP and PAM: account is expired, but pam_ldap allows authentification



Hello,

Could someone direct me to the source of wisdom to solve this: I have
set correctly the fields (attributes)

shadowExpire
shadowLastChange
shadowMin
shadowMax

to make the account expired (OpenLDAP used to run NT domain), but when I
ssh to a server using pam_ldap authentication, it is still allowed to login.

How pam_ldap should be instructed to take the expiration attributes ito
account?

Thanks.
Sincerely,
Konstantin