[Date Prev][Date Next] [Chronological] [Thread] [Top]

Howto time expires an Openldap account ?


I would like to know if I can use somethiing like this in slapd.conf

After adding a "Generalized Time" attribut in schema (for example expiredtime)

access to attrs=userpassword  filter=(expiredtime<=NOW)

But how can I implement the function NOW because slapd must evaluate this value at each login.

There are others heavy methods like ppolicy but User can't change his password (expiredtime eq pwdChangedPassword)

Or create an expiredtime and with a external daliy process,  flag account .

Or create a back method with a lot of leak memory ...