Sandro,
ppolicy is documented in the slapo-ppolicy man page (from OpenLDAP). It may
not be a good fit if you're trying to enforce a password policy onto a
cyrus imap server.
You could use saslauthd with its PAM backend to enforce your password
policy, assuming you're only using PLAIN/LOGIN mechanisms.
How does LDAP fit into your overall picture?
On 23/10/09 11:10 -0200, Sandro Venezuela wrote:
Thanks Dan for your reply.
Today, expired passwords are controlled by PAM on the workstations and how
do I use openSUSE Linux that is easy to implement.
But the server I'm using only SASL+LDAP and wanted something similar
to PAM, but I'll be searching ont the Internet the use of ppolicy to
solve my problem.
Do you have any documentation to show about ppolicy?
Dan White escreveu:
On 22/10/09 21:36 -0200, Sandro Venezuela wrote:
Hi,
I have a e-mail server with Cyrus + SASL + LDAP and would like to
prohibit access to mailbox of the User when it is with the expired
password. How can I do that?
Sandro,
Cyrus SASL doesn't have a concept of password expiry. What mechanism is
controlling when your passwords expire? OpenLDAP ppolicy? or system
expiration (PAM)?
--
Dan White
