> -----Original Message----- > From: fedora-directory-users-bounces at redhat.com > [mailto:fedora-directory-users-bounces at redhat.com] On Behalf > Of jclowser at unitedmessaging.com > Sent: Tuesday, June 14, 2005 11:26 AM > To: General discussion list for the Fedora Directory server project. > Subject: Re: pam_ldap and password policy > changed. BTW - how would pam_ldap force the user to change > their password - can it do it itself, or would it require the > user to log in and run passwd or something? It may not be possible. > PAM has the necessary protocol for password changes during logon - in fact PAM gets called by passwd. However, I do not know off hand whether pam_ldap implements those functions. > effect (what does FDS do, btw? Prevent the account from > binding again, effectively locking the user out? Does it > allow some number of binds before it takes effect? I can't > remember cause I never use it :) ) I believe it begins nagging some time before it takes action.
