[sork] Openldap ppolicy integration

Gustavo Schroeder gutosch at gmail.com
Wed Oct 7 13:34:37 UTC 2009

On Tue, Oct 6, 2009 at 2:17 PM, Jan Schneider <jan at horde.org> wrote:
> Zitat von Gustavo Schroeder <gutosch at gmail.com>:
>> Hi,
>> I'm using Horde 3, IMP 4 and passwd-h3-3.0.1 module. The one and only
>> password interface that our user base has is through IMP's passwd
>> module.
>> The current configuration is using the smbldap driver and I'm planning
>> to implement the openldap ppolicy overlay configuration to enforce a
>> strong password policy.
>> Suppose I got ppolicy overlay up and running and pwdMaxAge=10368000
>> (120 days) and as I've been googling around pam_ldap has the ability
>> to provide user warnings about password expiration.
>> My question is, will the passwd module provide password expiration
>> warnings to the end user?
> No, but Horde can do this through the shadowAccount objectclass.
>> How will the user get warned when his/her password is about to expire?
>> Is this error treatment handled by passwd module?
> You have to configure Horde to authenticate through the LDAP driver. There
> is an option in the LDAP authentication configuration to enable password
> expiration.

Excelent information, I did search for this option but could not find
it. Do you have an idea how can I enable the LDAP pwd expiration?

> Jan.
> --
> Do you need professional PHP or Horde consulting?
> http://horde.org/consulting/
> --
> Sork mailing list - Join the hunt: http://horde.org/bounties/#sork
> Frequently Asked Questions: http://horde.org/faq/
> To unsubscribe, mail: sork-unsubscribe at lists.horde.org

More information about the sork mailing list