I'm still having some issues with the force password change feature. It does not change any values that would force a password change?
Note, my Redhat DS doesn't seem to support "pwdReset". Using the Account Locking (389ds) module, I can change and save passwordExpirationTime values and the changes are made on the Directory Server. Is the force password change feature tied to passwordExpirationTime or do I have a configuration issue or possibly an inoperability issue? Thanks, Steve Redhat DS 10.1 -------- Forwarded Message -------- Subject: Re: [Lam-public] force password change feature Date: Fri, 2 Mar 2018 16:43:04 +0100 From: Roland Gruber <[email protected]> To: [email protected] Hi Steve, On 26.02.2018 22:07, Hannigan, Steve (SHANNIGA) wrote: > I've run in to an issue with the "force password change" feature. It doesn't > work in my environment. I'm not sure if it's a LAM issue, but I thought I'd > throw it out there for ideas. LAM sends the "shadowlastchange "field > modification, but the Directory Server seems to trump LAM's modification, > setting the value to the current password change date. > > Aside from ideas or tips on my issue, I'm wondering if there is any plan in > the future to use "passwordexpirationtime" opposed to "shadowlastchange" to > force password change. sorry for the long answer time. You can use the following module for this: https://www.ldap-account-manager.org/static/doc/manual/ch04s02.html#idm2017 This allows to set passwordExpirationTime. Best regards Roland -- LDAP Account Manager https://www.ldap-account-manager.org/ ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot _______________________________________________ Lam-public mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/lam-public
