[Freeipa-users] Using LDAP directly - Password Expiry
Rob Crittenden
rcritten at redhat.com
Fri Jun 10 17:37:45 UTC 2016
Prashant Bapat wrote:
> Hi,
>
> I'm using FreeIPA's LDAP component as user database in another
> application. The binds happen using the user's credentials
> (password+otp) and the search happens by a service account created under
> cn=sysaccounts.
>
> Things are working as expected except one small hitch. Password Expiry.
> Binds are allowed even for users with expired passwords.
>
> Are others using the LDAP directly ? If yes, how are you handing the
> password expiry.
>
> Thanks.
> --Prashant
>
>
There is a bit of a chicken and egg problem, see
https://fedorahosted.org/freeipa/ticket/1539
rob
More information about the Freeipa-users
mailing list