François Beretti wrote:
The internet draft has unfortunately expired (again), but there is a recent copy of it here - http://www.dfn-pca.de/bibliothek/standards/ietf/none/internet-drafts/draft-behera-ldap-password-policy-07.txtOn 3/31/06, Richard Megginson <rmeggins@xxxxxxxxxx> wrote:François Beretti wrote:- Password must be changed after a reset - Password expiration warning - Password expired How can I detect these three events ?I'm not sure. You may want to ask on a Novell list to find out what is supported by their API. But in general, these events are returned to all LDAPv3 clients in the form of controls, so as long as the Novell API allows you to receive and parse the response controls, you should be able to get all of that information.Thank you for your answer. Is there a description somewhere of which controls are used by the Directory Server ?Yes. Fedora DS allows a configurable number of "grace logins" - the user is only allowed to BIND, then change their password.Thank you again
You have to specify the control with the request so that the server will know the client is aware of the response control.
See section 5 and later for details about the control OID to send, what is available in the response, and the behavior for different operations.
François -- Fedora-directory-users mailing list Fedora-directory-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-users
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
-- Fedora-directory-users mailing list Fedora-directory-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-users
