[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: How to force password change upon account creation

To: Kyle Harris <kyle@theharrishome.com>
Subject: Re: How to force password change upon account creation
From: Dan White <dwhite@olp.net>
Date: Sun, 23 Dec 2012 18:42:46 -0600
Cc: openldap-technical@openldap.org
Content-disposition: inline
In-reply-to: <CAO5ZC7FdGmzYD-Uaodx2CZZh5K-4yo9=b7GYxDDBj=S9s8RvUQ@mail.gmail.com>
References: <CAO5ZC7FdGmzYD-Uaodx2CZZh5K-4yo9=b7GYxDDBj=S9s8RvUQ@mail.gmail.com>
User-agent: Mutt/1.5.21 (2010-09-15)

On 12/23/12 17:33 -0600, Kyle Harris wrote:

Hello All,

I have a perl script that allows for the creation of new accounts in
OpenLDAP.  I am attempting to find a way to force the newly created user to
change his or her password upon first login.  I tried setting the attribute
pwdMustChange to TRUE but that attribute must not be definable upon user
creation.  So, how can this be accomplished so that a new user is forced to
change passwords after they first log on?


By 'log in' I assume you're asking about shell access to your system, which
makes use of an ldap pam module to authenticate users. If so, the function
of prompting users to change their password will be handled by that piece
of software, and you should consult the documentation distributed with it.

If that's not the case, please clarify your authentication scenario.

--
Dan White

References:
- How to force password change upon account creation
  - From: Kyle Harris <kyle@theharrishome.com>

Prev by Date: How to force password change upon account creation
Next by Date: Re: Forcing TLS encryption
Index(es):
- Chronological
- Thread