[Freeipa-users] Deny bind for external LDAP if password is expired

Prashant Bapat prashant at apigee.com
Wed Jul 6 17:06:39 UTC 2016


Hi,

We are using FreeIPA's LDAP as the base for user authentication in a
different application. So far I have created a sysaccount which does the
lookup etc. for a user and things are working as expected. I'm even able to
use OTP from the external app.

One problem I'm struggling to fix is the expired passwords. Is there a way
to deny bind to LDAP only from this application? Obviously the user would
need to go to IPA's web UI and reset his password there.

I came across this ticket https://fedorahosted.org/freeipa/ticket/1539 but
it looks like this is an old one.

Thanks.
--Prashant