Hello, As I understand it, if a user authenticates to the LDAP server within passwordWarning seconds of passwordExpirationTime and passwordExpWarned is not set, the passwordExpirationTime attribute will automatically be increased to ensure that the user has sufficient warning time. Is this correct? I would like to have passwordWarning set so that users have the opportunity of being warned prior to password expiration, but due to local policy I don't want passwordExpirationTime to be increased. Thus, I'm willing to accept that in some cases users may a shorter warning period, or not warning at all. Unfortunately, I don't see a way of doing this. Is there a way to disable the automatic adjustment of passwordExpirationTime? I've tried using a CoS to set passwordExpWarned, but that did not appear to work. I expect that I could write a plugin to set passwordExpWarned right after the password has been changed, but that seems like a reasonable bit of work. Any suggestions? Thanks, -- Iain Morgan -- 389 users mailing list 389-users@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/389-users
