[imp] imp Digest, Vol 2581, Issue 1

steen at ing-steen.se steen at ing-steen.se
Wed May 5 15:22:59 UTC 2010 

> > Message: 3
> > Date: Tue, 04 May 2010 12:37:33 +0200
> > From: Jan Schneider <jan at horde.org>
> > To: imp at lists.horde.org
> > Subject: Re: [imp] Horde Password Aging, allow change at login ?
> > Message-ID: <20100504123733.17141ufabwz0bx8k at neo.wg.de>
> > Content-Type: text/plain; charset=ISO-8859-1; DelSp="Yes";
> >    format="flowed"
> >
> > Zitat von steen at ing-steen.se:
> >
> > > Hello Folks!
> > >
> > > As far I can see Horde alerts when password is about to be aged, and
> > > finally locks one out, that is nice.
> > >
> > > Now to the questions, I am using LDAP as backend, all working fine.
> > >
> > > Is there a standard hook to pop up in the user face when he/she
logins
> and
> > > password is expired, so they can change password ?
> > > Am I on myself to write some PHP code who does the job ?
> > >
> > > I know it is possible to use preauth/postauth hook, but it is "only
> > > returning" variables back.
> > > How do I kick off the password change forumlar ?
> >
> > I'm confused. In your first sentence you said that it's already
> > working, so what do you still need?
> >
> > Jan.
> >
> > --
> > Do you need professional PHP or Horde consulting?
> > http://horde.org/consulting/
>
> Hello Jan!
>
> It is working to that point horde tell that account is expired, nothing
> more, you do not get any chanse to
> change the password as user.
>
>
> Regards //
>                //  Peter Steen
>
>
>
> McAfee check.
>
>
> ------------------------------
>
> Message: 2
> Date: Tue, 04 May 2010 16:49:24 +0200
> From: Jan Schneider <jan at horde.org>
> To: imp at lists.horde.org
> Subject: Re: [imp] Horde Password Aging, allow change at login ?
> Message-ID: <20100504164924.16074w0m0nm4krgg at neo.wg.de>
> Content-Type: text/plain; charset=ISO-8859-1; DelSp="Yes";
>    format="flowed"
>
> Zitat von steen at ing-steen.se:
>
> >> Message: 3
> >> Date: Tue, 04 May 2010 12:37:33 +0200
> >> From: Jan Schneider <jan at horde.org>
> >> To: imp at lists.horde.org
> >> Subject: Re: [imp] Horde Password Aging, allow change at login ?
> >> Message-ID: <20100504123733.17141ufabwz0bx8k at neo.wg.de>
> >> Content-Type: text/plain; charset=ISO-8859-1; DelSp="Yes";
> >>    format="flowed"
> >>
> >> Zitat von steen at ing-steen.se:
> >>
> >> > Hello Folks!
> >> >
> >> > As far I can see Horde alerts when password is about to be aged, and
> >> > finally locks one out, that is nice.
> >> >
> >> > Now to the questions, I am using LDAP as backend, all working fine.
> >> >
> >> > Is there a standard hook to pop up in the user face when he/she
logins
> > and
> >> > password is expired, so they can change password ?
> >> > Am I on myself to write some PHP code who does the job ?
> >> >
> >> > I know it is possible to use preauth/postauth hook, but it is "only
> >> > returning" variables back.
> >> > How do I kick off the password change forumlar ?
> >>
> >> I'm confused. In your first sentence you said that it's already
> >> working, so what do you still need?
> >>
> >> Jan.
> >>
> >> --
> >> Do you need professional PHP or Horde consulting?
> >> http://horde.org/consulting/
> >
> > Hello Jan!
> >
> > It is working to that point horde tell that account is expired, nothing
> > more, you do not get any chanse to
> > change the password as user.
>
> But how would Horde know that, unless you have set it up to know about
> that? Or are you athenticating against IMAP and have set up your IMAP
> server to alert expired accounts? That would be an important piece of
> information.
>
> Jan.
>
> --
> Do you need professional PHP or Horde consulting?
> http://horde.org/consulting/
>
>
>
> ------------------------------
>
>
> --
> IMP mailing list
> Frequently Asked Questions: http://horde.org/faq/
> To unsubscribe, mail: imp-unsubscribe at lists.horde.org
>
> End of imp Digest, Vol 2581, Issue 1
> ************************************
>
>
> McAfee check.

Hello Jan!

I have LDAP backend, and it is working now.

Problem was that user is forced to change password at login only at day 0,
after that day user is blocked.
Althought we have grace period after password is expired till it lock in
ldap, horde did not use that ldap attribute.

I did this to make it work as I  we need it.
/usr/share/horde/lib/Horde/Auth/ldap.php:
                    if ($toexpire < 0) {
                        $this->_authCredentials['changeRequested'] = true;
//                       $this->_setAuthError(AUTH_REASON_EXPIRED);
//                       return false;
                    };

Regards //
               //  Peter Steen





McAfee check.

More information about the imp mailing list