Hi, We are using FreeIPA's LDAP as the base for user authentication in a different application. So far I have created a sysaccount which does the lookup etc for a user and things are working as expected. I'm even able to use OTP from the external app.
One problem I'm struggling to fix is the expired passwords. Is there a way to deny bind to LDAP only from this application? Obviously the user would need to go to IPA's web UI and reset his password there. I came across this ticket https://fedorahosted.org/freeipa/ticket/1539 but looks like this is an old one. Thanks. --Prashant
-- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project