[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

New user VS expired account



Hello PAM experts,
 
I am having a issue where PAM is not following my LDAP password policy.
Ideally, I'd like to have new users or password reset by administrators to be prompted to change the password upon logging in (using temporary password). However, I do not want expired accounts to be asked to change the password. How can I accomplish this?
In /etc/ldap.conf I have already uncommented
 

pam_lookup_policy yes

pam_password clear
 
but regardless of new or expired accounts, the login will prompt to change the password.
HELP!
 
thanks!
 
 
--Tony
 
PS. I have a Sun Directory Server 6.3.1 as my LDAP server, and running RedHat 5.x on many of my clients. (Solaris workstations are having the expected behavior) 
 

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]