[CentOS] LDAP - Shadow options
Craig White
craigwhite at azapple.com
Thu Aug 11 11:02:37 UTC 2011
On Thu, 2011-08-11 at 12:02 +0200, Johan Vermeulen wrote:
> dear All,
>
> I'm trying to set Shadow options in Ldap with the help of
> phpLDAPadmin.
>
> This is what I know :
>
> * Shadowmax : maximum nr of days a pw can be valid
> * ShadowLastchange : contains the last change of the shadow file
> * Shadowwarning : nr of days before expiration to warn user.
>
> What I'm trying to do is have the users 's passwork expire, that works
> ok.
> But how can I have them get a warning message? setting Shadowwarning
> doesn't seem to be doing it.
>
> Do I have to set Shadowexpire as well for this?
>
> Also, how can I have users change the password at first logon?
>
> I cannot configure the LDAP files themselves, I only have access via
> phpLDAPadmin.
>
> Thanks for any advise.
---
phpldapadmin - you're wasting your time on this
you need to implement ppolicy overlay (assuming you are using openldap)
http://eatingsecurity.blogspot.com/2008/11/openldap-security.html
Craig
More information about the CentOS
mailing list