[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Expired password notification

Michael Ströder wrote:
> Andris Eiduks wrote:
>> ldapsearch  with option "-e ppolicy" shows info about necessary
>> password change.
>> Is possible to get the same info by BIND operation performing from
>> other systems side again OpenLDAP?
>> Or we must create special functions in application for user attributes
>> checking (pwdChangedTime, pwdGraceUseTime) and notification generation ?
> The client applications have to support this as well by using the
> password policy extended control with the bind request. Basically that's
> what ldapsearch is doing when you use it with "-e ppolicy".
> See also doc/drafts/draft-behera-ldap-password-policy-xx.txt in
> OpenLDAP's source distribution.
> Another approach could be to inform users via e-mail.

But what if users don't read emails until password expiration?


Ing. Pierangelo Masarati
OpenLDAP Core Team

SysNet s.r.l.
via Dossi, 8 - 27100 Pavia - ITALIA
Office:  +39 02 23998309
Mobile:  +39 333 4963172
Email:   pierangelo.masarati@sys-net.it