Ryan Braun [ADS] wrote: > On March 2, 2010 03:18:43 pm Rich Megginson wrote: > >> Ryan Braun [ADS] wrote: >> >>> Is there an operational attribute or some other way to determine when the >>> last time an account was used to bind to the server (or any server in a >>> MMR setup). Basically looking to find out the last time an account >>> performed a bind operation to test for account inactivity. >>> >> No, but there is a proposal to add something like that - >> http://directory.fedoraproject.org/wiki/Account_Policy_Design >> > > Yeah looks like what I'm after in that document is the loginTimestamp > attribute. Most of our account maintenance would be done from cron and perl, > with pam checking the shadow attributes for account/password expiry > information. I just need a way to do a nightly audit for accounts that > haven't been used in X days. > > Any idea on when that might get implemented? (loaded question I know :) ) > No, but please file a bug/RFE > >>> Also, is there list of the available operational attributes anywhere? >>> >> grep -i operation /etc/dirsrv/schema/* >> > > Nice tip, thanks Rich. > > > Ryan Braun > Aviation and Defence Services Division > Chief Information Officer Branch, Environment Canada > CIV: 204-833-2500x2625 CSN: 257-2625 FAX: 204-833-2558 > E-Mail: Ryan.Braun@xxxxxxxx > -- > 389 users mailing list > 389-users@xxxxxxxxxxxxxxxxxxxxxxx > https://admin.fedoraproject.org/mailman/listinfo/389-users > -- 389 users mailing list 389-users@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/389-users
