[CentOS] LDAP - Shadow options

Thu Aug 11 13:06:01 UTC 2011
Johan Vermeulen <jvermeulen at cawdekempen.be>

  Hello Graig,

I'll follow your advise and drop this.

Thanks for the link, it's very interesting.

grt, James

Op 11-08-11 13:02, Craig White schreef:
> On Thu, 2011-08-11 at 12:02 +0200, Johan Vermeulen wrote:
>> dear All,
>>
>> I'm trying to set Shadow options in Ldap with the help of
>> phpLDAPadmin.
>>
>> This is what I know :
>>
>> * Shadowmax : maximum nr of days a pw can be valid
>> * ShadowLastchange : contains the last change of the shadow file
>> * Shadowwarning : nr of days before expiration to warn user.
>>
>> What I'm trying to do is have the users 's passwork expire, that works
>> ok.
>> But how can I have them get a warning message? setting Shadowwarning
>> doesn't seem to be doing it.
>>
>> Do I have to set Shadowexpire as well for this?
>>
>> Also, how can I have users change the password at first logon?
>>
>> I cannot configure the LDAP files themselves, I only have access via
>> phpLDAPadmin.
>>
>> Thanks for any advise.
> ---
> phpldapadmin - you're wasting your time on this
>
> you need to implement ppolicy overlay (assuming you are using openldap)
>
> http://eatingsecurity.blogspot.com/2008/11/openldap-security.html
>
> Craig
>
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos