[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Password expiration

Yes I did it succsessfully. You to set the following parameter for each user and
then the apropriate permissions for these to be altered.

The parameters are:
shadowLastChange: <number of days since january 1, 1970>
shadowMax: <number of days that password before password must be changed>

I recommend that you set also this parameter so that users are warned for
password expiration:
shadowWarning <number days before password expires for warning users>

In my case I'have configured all of my machines with pam_ldap and nss_ldap so
that pam uses this info when users login.


> Has anybody been successful, or know of a way to enforce password
> expiration in OpenLDAP?

Pedro Silva

LabCC - Laboratórios Informáticos do Departamento de Ciência de Computadores
E-Mail: LabCC@labcc.dcc.fc.up.pt
Web: http://www.labcc.dcc.fc.up.pt/