[Fedora-directory-users] pam_ldap and password policy
Pete Rowley
pete at openrowley.com
Tue Jun 14 18:51:42 UTC 2005
> -----Original Message-----
> From: fedora-directory-users-bounces at redhat.com
> [mailto:fedora-directory-users-bounces at redhat.com] On Behalf
> Of jclowser at unitedmessaging.com
> Sent: Tuesday, June 14, 2005 11:26 AM
> To: General discussion list for the Fedora Directory server project.
> Subject: Re: [Fedora-directory-users] pam_ldap and password policy
> changed. BTW - how would pam_ldap force the user to change
> their password - can it do it itself, or would it require the
> user to log in and run passwd or something? It may not be possible.
>
PAM has the necessary protocol for password changes during logon - in fact
PAM gets called by passwd. However, I do not know off hand whether pam_ldap
implements those functions.
> effect (what does FDS do, btw? Prevent the account from
> binding again, effectively locking the user out? Does it
> allow some number of binds before it takes effect? I can't
> remember cause I never use it :) )
I believe it begins nagging some time before it takes action.
More information about the Fedora-directory-users
mailing list