[Date Prev][Date Next]
Re: Howto time expires an Openldap account ?
LABICHE Alexandre wrote:
Thanks for your quick reply and your perfect analyse.
To explain what I use in ppolicy is to lock an account at a specific
time. Exactly the account is locked because user doesn't change his
password after a graceful period. But if he changes his password before
graceful period , his account is OK for a new period.
So if want to lock an account I must block the "change password" for
users. That's what I think.
It's not really a expiredtime account and our internal policy wants
users change their passwords.
This is what the ppolicy pwdMaxAge policy setting is for.
-- Howard Chu
Chief Architect, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc
OpenLDAP Core Team http://www.openldap.org/project/