dear All,
I'm trying to set Shadow options in Ldap with the help of phpLDAPadmin.
This is *what I know :
* */Shadowmax : /maximum nr of days a pw can be valid * /ShadowLastchange : /contains the last change of the shadow file * Shadowwarning : nr of days before expiration to warn user.
*What I'm trying *to do is have the users 's passwork expire, that works ok. But how can I have them get a warning message? setting Shadowwarning doesn't seem to be doing it.
Do I have to set Shadowexpire as well for this?
*Also, *how can I have users change the password at first logon? * *I cannot configure the LDAP files themselves, I only have access via phpLDAPadmin.
Thanks for any advise.
greetings, James
On Thu, 2011-08-11 at 12:02 +0200, Johan Vermeulen wrote:
dear All,
I'm trying to set Shadow options in Ldap with the help of phpLDAPadmin.
This is what I know :
- Shadowmax : maximum nr of days a pw can be valid
- ShadowLastchange : contains the last change of the shadow file
- Shadowwarning : nr of days before expiration to warn user.
What I'm trying to do is have the users 's passwork expire, that works ok. But how can I have them get a warning message? setting Shadowwarning doesn't seem to be doing it.
Do I have to set Shadowexpire as well for this?
Also, how can I have users change the password at first logon?
I cannot configure the LDAP files themselves, I only have access via phpLDAPadmin.
Thanks for any advise.
--- phpldapadmin - you're wasting your time on this
you need to implement ppolicy overlay (assuming you are using openldap)
http://eatingsecurity.blogspot.com/2008/11/openldap-security.html
Craig
Hello Graig,
I'll follow your advise and drop this.
Thanks for the link, it's very interesting.
grt, James
Op 11-08-11 13:02, Craig White schreef:
On Thu, 2011-08-11 at 12:02 +0200, Johan Vermeulen wrote:
dear All,
I'm trying to set Shadow options in Ldap with the help of phpLDAPadmin.
This is what I know :
- Shadowmax : maximum nr of days a pw can be valid
- ShadowLastchange : contains the last change of the shadow file
- Shadowwarning : nr of days before expiration to warn user.
What I'm trying to do is have the users 's passwork expire, that works ok. But how can I have them get a warning message? setting Shadowwarning doesn't seem to be doing it.
Do I have to set Shadowexpire as well for this?
Also, how can I have users change the password at first logon?
I cannot configure the LDAP files themselves, I only have access via phpLDAPadmin.
Thanks for any advise.
phpldapadmin - you're wasting your time on this
you need to implement ppolicy overlay (assuming you are using openldap)
http://eatingsecurity.blogspot.com/2008/11/openldap-security.html
Craig
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
-
Craig White -
Johan Vermeulen