|
On 02/28/2017 11:40 AM, xinhuan zheng
wrote:
Please take a look at the Doc.Hello, I have setup password policy for user account to enforce a few things: passwordchange: on passwordchecksyntax: on passwordexp: on passwordlockout: on passwordlockoutduration: 180 passwordmaxage: 7 https://access.redhat.com/documentation/en-US/Red_Hat_Directory_Server/10/html/Configuration_Command_and_File_Reference/Core_Server_Configuration_Reference.html#cnconfig-passwordMaxAge_Password_Maximum_Age 3.1.1.182. passwordMaxAge
(Password Maximum Age)
passwordmaxfailure: 3 passwordmustchange: on passwordwarning: 518400 With that policy on a user account, I changed one user's password from 389 console. It basically resets user's password. When user login, user gets "Password expired. Change your password now." prompt. The user goes through prompt to change the password. Then user gets login shell successfully. User then logout. Next time when user login again, the user still gets "Password expired. Change your password now." prompt. It appears 'passwordexpirationtime' attribute is set to the very first time when user changed password, but never set to password change time + 7 days, as the policy is configured. What went wrong in my previous procedure? How do I get passwordexpirationtime set to correct time when user change their password from administrative reset? Thanks, - xinhuan _______________________________________________ 389-users mailing list -- 389-users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to 389-users-leave@xxxxxxxxxxxxxxxxxxxxxxx
|
_______________________________________________ 389-users mailing list -- 389-users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to 389-users-leave@xxxxxxxxxxxxxxxxxxxxxxx
