[Date Prev][Date Next] [Chronological] [Thread] [Top]

Tips when implementing password policies

To: "openldap-technical@openldap.org" <openldap-technical@openldap.org>
Subject: Tips when implementing password policies
From: Chris Jacobs <Chris.Jacobs@apollogrp.edu>
Date: Tue, 23 Mar 2010 14:19:57 -0700
Accept-language: en-US
Acceptlanguage: en-US
Content-language: en-US
Thread-index: AcrKzpZiK0J8bSNATL6XyD7hF+/eNw==
Thread-topic: Tips when implementing password policies

Hello,

I'm upgrading our LDAP infrastructure (it'll be a cut-over) and I've noticed that after adding pwdPolicySubentry to a user's account, it doesn't seem to have any affect.

This user hasn't /ever/ reset their password, and the user's account doesn't show any password policy grace period usage after the test.

The pwdPolicySubentry is still the only password policy related entry on his account.

This suggests that I'll need to force people to change their password's at some point.

1) Is what I'm seeing normal/expected?
2) What method(s) have you used to force people to change their password - beyond asking them?

Thanks!
- chris

Chris Jacobs, Jr. Linux Administrator, Information Technology & Operations
Apollo Group | Apollo Marketing | Aptimus, Inc.
2001 6th Ave | Ste 3200 | Seattle, WA 98121
phone: 206.441-9100 x1245 | cell: 206.601.3256 | Fax: 208.441.9661
email:  chris.jacobs@apollogrp.edu

This message is private and confidential. If you have received it in error, please notify the sender and remove it from your system.

Follow-Ups:
- Re: Tips when implementing password policies
  - From: Tyler Gates <tgates81@gmail.com>

Prev by Date: Quick help on ldap modify with different domain name
Next by Date: Re: Problem with getent passwd
Index(es):
- Chronological
- Thread