[Fedora-directory-users] API to detect password expiration
Richard Megginson
rmeggins at redhat.com
Fri Mar 31 14:53:53 UTC 2006
François Beretti wrote:
> Hi,
>
> I am trying to implement password expiration in my LDAP software. I am
> not using the fedora/mozilla/sun API, but the Novell API. So I can't
> use specific functions if they exist.
>
> There are three concepts I would like to integrate :
>
> - Password must be changed after a reset
> - Password expiration warning
> - Password expired
>
> How can I detect these three events ?
>
I'm not sure. You may want to ask on a Novell list to find out what is
supported by their API. But in general, these events are returned to
all LDAPv3 clients in the form of controls, so as long as the Novell API
allows you to receive and parse the response controls, you should be
able to get all of that information.
> Moreover, what can I do within the maximum login attempts ? Only bind
> then change the password ?
>
Yes. Fedora DS allows a configurable number of "grace logins" - the
user is only allowed to BIND, then change their password.
> Thank you very much, and congratulations for this beautiful software
>
> Regards,
>
> François Beretti
>
> --
> Fedora-directory-users mailing list
> Fedora-directory-users at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3178 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/fedora-directory-users/attachments/20060331/9076387d/attachment.bin>
More information about the Fedora-directory-users
mailing list