Dan, I'm using LDAP to authenticate users on the Cyrus Imap Server, with Thunderbird and eGroupware, and also in the workstations. On the E-mail server, I'm using saslauthd with LDAP and when password expires, you can still access the mailbox through Thunderbird. My goal is just to solve this problem, because both eGroupware and PAM already do this for me. Do you have any idea? Thanks Dan White escreveu: > Sandro, > > ppolicy is documented in the slapo-ppolicy man page (from OpenLDAP). > It may > not be a good fit if you're trying to enforce a password policy onto a > cyrus imap server. > > You could use saslauthd with its PAM backend to enforce your password > policy, assuming you're only using PLAIN/LOGIN mechanisms. > > How does LDAP fit into your overall picture? > > On 23/10/09 11:10 -0200, Sandro Venezuela wrote: >> Thanks Dan for your reply. >> >> Today, expired passwords are controlled by PAM on the workstations >> and how >> do I use openSUSE Linux that is easy to implement. >> >> But the server I'm using only SASL+LDAP and wanted something similar >> to PAM, but I'll be searching ont the Internet the use of ppolicy to >> solve my problem. >> >> Do you have any documentation to show about ppolicy? >> >> Dan White escreveu: >>> On 22/10/09 21:36 -0200, Sandro Venezuela wrote: >>>> Hi, >>>> >>>> I have a e-mail server with Cyrus + SASL + LDAP and would like to >>>> prohibit access to mailbox of the User when it is with the expired >>>> password. How can I do that? >>> >>> Sandro, >>> >>> Cyrus SASL doesn't have a concept of password expiry. What mechanism is >>> controlling when your passwords expire? OpenLDAP ppolicy? or system >>> expiration (PAM)? > -- Sandro Venezuela Especialista Linux ______________________________________ Linux2Business - Soluções em Linux Rua Aracati, 488 - Santo André - SP Fone: (11) 4472-4418 - (11) 8485-1049 www.linux2business.com.br ______________________________________