[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: password expiration check

To: "Krishan Rathi" <krishanr@damcogroup.com>
Subject: Re: password expiration check
From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
Date: Fri, 07 Apr 2006 09:01:28 -0700
Cc: "ietf-ldapbis@OpenLDAP.org" <ietf-ldapbis@OpenLDAP.org>
In-reply-to: <WorldClient-F200604072052.AA52280768@damcogroup.com>
References: <WorldClient-F200604072052.AA52280768@damcogroup.com>

Krishan,

Please note that ietf-ldapbis@openldap.org mailing list is
for discussing the work of the IETF LDAPv3 Revision
Working Group (LDAPBIS), in particular, the revision of the
(base) LDAPv3 Technical Specification.

Discussion of LDAP extension specifications, including
password policies, should be directed to the IETF LDAP
Extensions <ldapext@ietf.org> mailing list.

Discussions regarding particular LDAP implementations
should be directed to a forum chartered to discuss that
implementation.  Sun operates a forum at:
   http://forum.java.sun.com/forum.jspa?forumID=51
for JNDI discussions.  IBM operates a newsgroup available
at:
   http://groups.google.com/group/ibm.software.ldap

And there is is a general LDAP list at:
   http://listserver.itd.umich.edu/cgi-bin/lyris.pl?enter=ldap

(These might not be the best forums for discussions of
these vendor's wares, I suggest those with other
suggestions send them off-list to Krishan.)

Regards, Kurt (LDAPBIS co-chair)


At 08:22 AM 4/7/2006, Krishan Rathi wrote:
>Hi 
> 
>i had tried to find out the list of all user's whose passwords are expired. 
>i had written some jndi code by finding the max age and then find out the 
>current time and subtracted this current time from max age using the 
>following code 
> 
> 
>"Attributes attbts=ctx.getAttributes("cn=pwdpolicy");
>         String maxAge=(String)attbts.get("pwdMaxAge").get();
>         Date  Today = new Date();
>         System.out.println("maxAge"+maxAge);
>         long curTime=(Today.getTime())-Long.parseLong(maxAge)*1000;"
> 
>and then parse it and create a string time as follows
>  
>String time=year+month+day+hour+minute+second+"Z"; 
> 
>where "year" "month" etc were parsed from curTime 
> 
> 
>now i can get the list by using following code
> 
> 
>"String filterCriteria="(&(objectclass=dci-user)(pwdChangedTime>="+time+")";
>        NamingEnumeration results = ctx.search(baseDN,filterCriteria, sc); "
> 
>but the current time which i am getting is the time of my system not the 
>time of ldap server
> 
>so my questions are following;
> 
>1.Can there is any way by which i can get the tivole sever's system time.
> 
>2.If there is no way then can you suggest any other way to find out the list 
>of user's whose passwords are expired.
> 
>please help me.
> 
> 
>Thanks.
>Krishan Rathi.

References:
- password expiration check
  - From: "Krishan Rathi" <krishanr@damcogroup.com>

Prev by Date: password expiration check
Index(es):
- Chronological
- Thread