Re: ShadowMax is not working

[cbulist <cbulist@gmail.com>]

Hi,

I fixed the problem removing nss-pam-ldapd and reinstalling it. (CentOS 6.3)
Now I can change my password when I set shadowMax to a short period (15 
o 20).
The password is changed successfully but shadowLastChange not.

How my server is a test server I set the ACL to write everything in 
order to avoid problem.
I know it would be a problem with pam_ldap.conf and nslcd.conf and It is 
not the right list for that but I wrote email to pam_ldap list and I did 
not get answer.

I really appreciate if somebody with shadowLastChange updated 
successfully may share pam_ldap.conf and nslcd.conf  with me.

Thanks in advance!


On 09/13/2012 01:58 PM, Cris Collins wrote:
> Try looking at this article:
> http://www.linuxquestions.org/questions/linux-server-73/openldap-passwords-expiring-immediately-936583/ 
>
>
> On 09/13/2012 12:42 PM, cbulist wrote:
> > Hi,
> >
> > I have set a user with ShadowMax  to 15 in order to get a expiration 
> > warning but it doesn't work and the client gets login. (I'm not using 
> > Password Policy)
> > I read some post and them reference to pam_ldap.conf on the client, 
> > but I do not see any option about it.
> > My openldap server version is: 2.4.23-26
> >
> > Any clue with this problem?
> >
> > Thanks!