[sork] Openldap ppolicy integration
Gustavo Schroeder
gutosch at gmail.com
Wed Oct 7 13:34:37 UTC 2009
On Tue, Oct 6, 2009 at 2:17 PM, Jan Schneider <jan at horde.org> wrote:
> Zitat von Gustavo Schroeder <gutosch at gmail.com>:
>
>> Hi,
>>
>> I'm using Horde 3, IMP 4 and passwd-h3-3.0.1 module. The one and only
>> password interface that our user base has is through IMP's passwd
>> module.
>> The current configuration is using the smbldap driver and I'm planning
>> to implement the openldap ppolicy overlay configuration to enforce a
>> strong password policy.
>> Suppose I got ppolicy overlay up and running and pwdMaxAge=10368000
>> (120 days) and as I've been googling around pam_ldap has the ability
>> to provide user warnings about password expiration.
>> My question is, will the passwd module provide password expiration
>> warnings to the end user?
>
> No, but Horde can do this through the shadowAccount objectclass.
>
>> How will the user get warned when his/her password is about to expire?
>> Is this error treatment handled by passwd module?
>
> You have to configure Horde to authenticate through the LDAP driver. There
> is an option in the LDAP authentication configuration to enable password
> expiration.
Excelent information, I did search for this option but could not find
it. Do you have an idea how can I enable the LDAP pwd expiration?
>
> Jan.
>
> --
> Do you need professional PHP or Horde consulting?
> http://horde.org/consulting/
>
> --
> Sork mailing list - Join the hunt: http://horde.org/bounties/#sork
> Frequently Asked Questions: http://horde.org/faq/
> To unsubscribe, mail: sork-unsubscribe at lists.horde.org
>
More information about the sork
mailing list