[Date Prev][Date Next]
Re: Updating ShadowLastChange with slurpd
> I have forced password expiration on first login by setting
> ShadowLastChange to 0.
> If a user logs in for the first time to any LDAP client machine or to the
> master itself, they're prompted to change their password immediately and
> the password gets updated immediately.
There was a bug in PAM/NSS LDAP where the shadow attributes were
attempted on a seperate anonymous bind, rather than the authenticated
bind. This was fixed awhile ago, but what is you version of PAM/NSS?