[Date Prev][Date Next] [Chronological] [Thread] [Top]

[ldapext] password policy: exclude (or exempt) user from policy

To: ldapext <ldapext@ietf.org>
Subject: [ldapext] password policy: exclude (or exempt) user from policy
From: Kurt Zeilenga <Kurt.Zeilenga@Isode.com>
Date: Mon, 5 Jul 2010 13:14:55 -0700
Delivered-to: ldapext@core3.amsl.com

It is desirable to have a mechanism to exclude (or exempt) a user from the policy.  For instance, it's nasty for various accounts associated with application entities (as opposed to humans) to be locked out.

In the Isode implementation, we have an operational single-valued attribute, pwdExclude, which if present in the user's entry and has the boolean value TRUE exempts the user from all password policy enforcement.

It would be good to add something like this to the spec.

-- Kurt
_______________________________________________
Ldapext mailing list
Ldapext@ietf.org
https://www.ietf.org/mailman/listinfo/ldapext

Follow-Ups:
- Re: [ldapext] password policy: exclude (or exempt) user from policy
  - From: Howard Chu <hyc@highlandsun.com>
- Re: [ldapext] password policy: exclude (or exempt) user from policy
  - From: Ludovic Poitou <Ludovic.Poitou@Sun.COM>

Prev by Date: Re: [ldapext] password policy: account idling in distributed systems
Next by Date: Re: [ldapext] password policy: exclude (or exempt) user from policy
Index(es):
- Chronological
- Thread