Andrew Kerr wrote: > > I am hoping to implement password expirations using 389. 389 is used > for system level auth across a few hundred redhat5 servers, but is > also used for web auth, and primarily so for less technical users > (access to Wiki, internal accounting systems, etc). > > What I?m struggling with is how users will be notified of their > upcoming password expiration if they don?t directly log in to a Unix > box. 389 has a check box to ?send warning X days before password > expires?, but I can?t find any documentation on what exactly that > means. How are they notified ? via email? > No. 389 sends back a password response control value that specifies how much time is remaining until expiration. LDAP clients such as pam_ldap understand how to parse the control. Other clients may not. > > If not, is there already a script out in the wild that will scan my > LDAP for upcoming expirations (via cron) and email notifications to users? > > Thanks! > > This message and the information contained herein is proprietary and > confidential and subject to the Amdocs policy statement, > you may review at http://www.amdocs.com/email_disclaimer.asp > > ------------------------------------------------------------------------ > > -- > 389 users mailing list > 389-users at redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users > -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 3258 bytes Desc: S/MIME Cryptographic Signature Url : http://lists.fedoraproject.org/pipermail/389-users/attachments/20091020/f0d581f1/attachment.bin
