Shadow account vs. password policy

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi all,
I imported our Unix/Linux password and shadow files into FDS recently 
(using LdapImport.pl) and I'm trying to figure out the difference or 
conflicts between the shadowaccount object class attributes (shdowmax, 
shadowwarning etc.) and the passwordexpiriationtime and 
passwordexpiredwarned etc. attributes that I assume come from the 
Password policy settings features of the directory.

I'm having trouble getting inconsistent results when expiring accounts 
to test whether or not the PAM ldap client (on RedHat Enterprise 4 
systems) weighs one set of attributes more more over the other or even 
cares about them at all.  Does anyone have experience with the PAM 
clients and the directory's password policy settings vs. the 
shadowaccount attributes?  Should I quit using the password and password 
expiration features and just use the shadowaccount attributes or ditch 
the shadowaccount object class altogether?

If PAM will honor the password expiration policy then I may just write a 
little something to set the policy attributes from the shadow attributes 
of the imported files and then remove shadowaccount OC altogether.  Any 
thoughts?




[Index of Archives]     [Fedora User Discussion]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora News]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora QA]     [Fedora Triage]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Yosemite Photos]     [Linux Apps]     [Maemo Users]     [Gnome Users]     [KDE Users]     [Fedora Tools]     [Fedora Art]     [Fedora Docs]     [Maemo Users]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Fedora ARM]

  Powered by Linux