On 05/09/2012 07:45 AM, Ali Jawad wrote:
Hi
I have a requirement to disable inactive users after 90 days. I did
read http://directory.fedoraproject.org/wiki/Account_Policy_Design
but I am not sure whether this is a design proposal or the
actual implementation.
My DS version is :
rpm -qa | grep 389
389-admin-console-1.1.8-1.el5
389-ds-base-1.2.9.9-1.el5
389-dsgw-1.1.7-2.el5
389-console-1.1.7-3.el5
389-adminutil-1.1.14-1.el5
389-admin-1.1.23-1.el5
389-admin-console-doc-1.1.8-1.el5
389-ds-1.2.1-1.el5
389-ds-base-libs-1.2.9.9-1.el5
389-ds-console-1.2.6-1.el5
389-ds-console-doc-1.2.6-1.el5
I got
[root@386-100-16 dirsrv]# ldapsearch -x -D "cn=Directory manager" -w
Password -b "cn=config" -s base lastLoginTime
# extended LDIF
#
# LDAPv3
# base <cn=config> with scope baseObject
# filter: (objectclass=*)
# requesting: lastLoginTime
#
# config
dn: cn=config
# search result
search: 2
result: 0 Success
# numResponses: 2
# numEntries: 1
and
[root@386-100-16 dirsrv]# grep -i lastlogintime
/etc/dirsrv/slapd-386-100-16/schema/*
/etc/dirsrv/slapd-386-100-16/schema/60acctpolicy.ldif:## lastLoginTime
holds login state in user entries (GeneralizedTime syntax)
/etc/dirsrv/slapd-386-100-16/schema/60acctpolicy.ldif:attributeTypes:
( 2.16.840.1.113719.1.1.4.1.35 NAME 'lastLoginTime'
I am not sure how to implement this though, please advice.
http://docs.redhat.com/docs/en-US/Red_Hat_Directory_Server/9.0/html/Administration_Guide/account-policy-plugin.html
Regards
--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users
--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users