Hi Elizabeth, On 17.03.2014 21:36, Elizabeth Jones wrote: > We have several > hundred user accounts that we need to lock, and we can easily do this with > the lock password button in LAM, but doing this for hundreds of user > passwords is really time consuming. I can't seem to figure out what LDAP > field the lock password button is modifying, or if it is just adding > something like *LK* into the password field in LDAP. Does anyone know > what lock password is actually doing behind the scenes?
this is what LAM does to lock a password:
Unix/Personal tab:
The hash value in attribute "userPassword" is invalidated by adding a
"!". E.g. "{SSHA}abcd" becomes "{SSHA}!abcd".
PPolicy:
LAM sets attribute "pwdAccountLockedTime" to "00000101000000Z".
--
Best regards
Roland
LDAP Account Manager
http://www.ldap-account-manager.org/
Want more? Get LDAP Account Manager Pro!
https://www.ldap-account-manager.org/lamcms/lamPro
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Learn Graph Databases - Download FREE O'Reilly Book "Graph Databases" is the definitive new guide to graph databases and their applications. Written by three acclaimed leaders in the field, this first edition is now available. Download your free book today! http://p.sf.net/sfu/13534_NeoTech
_______________________________________________ Lam-public mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/lam-public
