On 01/03/2013 08:15 AM, Rich Megginson wrote:
On 01/02/2013 10:46 AM, Orion Poplawski wrote:
Is it possible to synchronize password expiration times between AD and
LDAP? We're just discovering that the AD sync to LDAP doesn't update
shadowLastChange which we are currently using on the LDAP side. Should we
use a different scheme for password expiration?
It's not possible. Please file an RFE ticket.
Filed: https://fedorahosted.org/389/ticket/548
However, we're probably going to switch to using the internal 389ds password
expiration (passwordExpirationTime) which does get updated during the sync.
Seems like a better and more general solution.
--
Orion Poplawski
Technical Manager 303-415-9701 x222
NWRA, Boulder Office FAX: 303-415-9702
3380 Mitchell Lane orion@xxxxxxxx
Boulder, CO 80301 http://www.nwra.com
--
389 users mailing list
389-users@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/389-users
