[horde] PAM auth and expiring passwords
Michael J Rubinsky
mrubinsk at horde.org
Sat Nov 14 18:18:20 UTC 2015
Quoting Jason L Tibbitts III <tibbs at math.uh.edu>:
> I have Horde 5.2.8 set up and running fine using the PAM pecl module for
> authentication. In my old Horde setup I did authentication through the
> IMAP server but I wanted to try and do something more useful with
> expiring and expired passwords. (We actually use Kerberos for
> authentication, but that's an entirely different topic.)
>
> I know PAM itself has a way to communicate more information than just
> "login failed" or "login succeeded". Expiration messages even get into
> the server log:
>
> httpd[1428]: pam_sss(system-auth:auth): User info message: Your password
> will expire in 3 day(s).
>
> Has anyone played with making use of that information? I would at least
> like to inform users that their password is expiring or that they aren't
> able to log in because their password has expired. Ideally they'd be
> directed (or forced) to a password changing interface, but right now I'd
> settle for a useful warning or error.
>
> At this point I know little PHP but if anyone has some hints on how I
> might go about this and what documentation I'd need to read then I'm
> happy to have a go.
>
> - J<
> --
> Horde mailing list
> Frequently Asked Questions: http://horde.org/faq/
> To unsubscribe, mail: horde-unsubscribe at lists.horde.org
According to
http://svn.php.net/viewvc/pecl/pam/trunk/README?view=markup there is a
parameter to check system account management (including expiriation
date, login hours etc...). However, it seems it might require root
access.
You would need to add this parameter to the pam_auth() call in
Horde_Auth_Pam:: so I would start there...
--
mike
The Horde Project
http://www.horde.org
https://www.facebook.com/hordeproject
https://www.twitter.com/hordeproject
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5751 bytes
Desc: S/MIME Signature
URL: <http://lists.horde.org/archives/horde/attachments/20151114/459eddc1/attachment.bin>
More information about the horde
mailing list