Hi Cenk,
Yes this can be done by first locking the entry, and then setting
passwordLockoutDuration to the time (in seconds) into the future you
want it to unlock. So it's not a nice date you can use, but the value
can still be calculated
https://access.redhat.com/documentation/en-us/red_hat
Actually, I was wrong there is more you need to do.
You need to enable account lockout and set a max failure count:
# dsconf slapd-INSTANCE config set passwordLockout=on passwordMaxFailure=3
Then set in each user entry:
passwordRetryCount: 3 --> number equal to passwordMaxFailure
ret
Hi Mark, thanks for the response.
We already use password lockout plugin, but what I need is the opposite.
I want to
* Create an account, activate it
* Set an expiration date, so that after that date account is locked.
Cheers
Cenk
On Fri, Sep 29, 2023 at 9:50 PM Mark Reynolds wrote:
> Actuall
On 10/2/23 4:13 AM, Cenk Y. wrote:
Hi Mark, thanks for the response.
We already use password lockout plugin, but what I need is the opposite.
I want to
* Create an account, activate it
* Set an expiration date, so that after that date account is locked.
Yeah there is no way to "lock" an acco
On 10/3/23 01:11, Mark Reynolds wrote:
On 10/2/23 4:13 AM, Cenk Y. wrote:
Hi Mark, thanks for the response.
We already use password lockout plugin, but what I need is the opposite.
I want to
* Create an account, activate it
* Set an expiration date, so that after that date account is locked
Thanks Mark, Thierry,
I've looked quite a bit into account policy. It allows locking an account
after an inactivity limit, but from my understanding, it doesn't offer a
way to lock it in a pre-configured future time without inactivity.
I think this would be a useful feature. I may open a RFE.
Ch
On 10/3/23 09:34, Cenk Y. wrote:
Thanks Mark, Thierry,
I've looked quite a bit into account policy. It allows locking an
account after an inactivity limit, but from my understanding, it
doesn't offer a way to lock it in a pre-configured future time without
inactivity.
Not only inactivity
Oh right, how did I miss this.
So one needs to set "altStateAttrName: createTimestamp", and configure
"accountInactivityLimit". In this case this will globally apply to all
accounts with the policy, isn't it? It still won't allow me to set
expiration date per account (Unless I create a policy for
