[Date Prev][Date Next] [Chronological] [Thread] [Top]

Password Expriation Question

Hash: SHA1


I'm attempting to get password aging working properly with *nix based
hosts and am not having much luck.  Here is the output from an account
I am testing with.

ldapsearch -x -D "uid=ahirsch,ou=people,dc=cellnet,dc=com" -b
"dc=cellnet,dc=com" "uid=tuser" -W
Enter LDAP Password:
# extended LDIF
# LDAPv3
# base <dc=cellnet,dc=com> with scope sub
# filter: uid=tuser
# requesting: ALL

# tuser, office, projects, cellnet.com
dn: uid=tuser,ou=office,ou=projects,dc=cellnet,dc=com
uid: tuser
cn: Test
sn: User
userPassword:: e2NyeXB0fUNzUTFMclhTY1VPaDI=
loginShell: /bin/bash
uidNumber: 999
gidNumber: 3
homeDirectory: /tmp
shadowMin: 14
shadowWarning: 14
shadowInactive: 30
shadowExpire: 12482
shadowFlag: 0
objectClass: top
objectClass: person
objectClass: posixAccount
objectClass: shadowAccount

# search result
search: 2
result: 0 Success

# numResponses: 2
# numEntries: 1

As you can see thre search returns shadowWarning and shadowExpire.
Maybe I'm off on my epoch conversion, but think that I have the
shadowExpire set for March 05, 2004.  What I 'm wondering is why I'm
not getting any notification that the password will be expiring in x
number of days.  To get my shadowExpire time I've used the following
php algorithm:

$now = time()/86400;
$s_now = split("\.",$now);
$c_now = "$s_now[0]";
$p_expire = $c_now + 4;

$now returns epoch time, with seconds, i.e. 12478.7402430556.  $s_now
splits $now, i.e. 12478.  $c_now provides me with the first item in
the array. $p_expire adds four to the total of $c_now, i.e. 12482

Users have write access to userPassword and shadowExpire which is all
I think they need.

Anyone have any ideas of where I messed up?


- --
Aaron M. Hirsch
Atos Origin - Cellnet
11146 Thompson Ave.
Lenexa, KS 66219
Work:(913) 312-4717
Fax:(913) 312-4701
Mobile:(913) 284-9094
Version: GnuPG v1.2.3 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org