mkawada at redhat.com
2016-Jun-08 06:37 UTC
password expire warning for dovecot users in IMAP/POP login
Dear list, Is it possible to give a notification about password exprire warning to users authenticated by OpenLDAP when the users login via dovecot using IMAP or POP? For example, when you ssh to a server and/or run ldapsearch, you can be warned with password expire warning like below: # ssh testuser at localhost testuser at localhost's password: Your password will expire in 31 minute(s). <=Last login: Wed Jun 8 12:22:08 2016 from localhost.localdomain ]$ ldapsearch -LLL -D uid=testuser,ou=People,dc=example,dc=com -w redhat "cn=testuser" -e ppolicy ldap_bind: Success (0) (Password expires in 1808 seconds) <=dn: uid=testuser,ou=People,dc=example,dc=com Does the same can be done for dovecot users authenticated by OpenLDAP in IMAP/POP? Thanks, -- Masaharu Kawada
Aki Tuomi
2016-Jun-08 06:49 UTC
password expire warning for dovecot users in IMAP/POP login
On 08.06.2016 09:37, mkawada at redhat.com wrote:> Dear list, > > Is it possible to give a notification about password exprire warning > to users authenticated by OpenLDAP when the users login via dovecot > using IMAP or POP? For example, when you ssh to a server and/or run > ldapsearch, you can be warned with password expire warning like below: > > # ssh testuser at localhost > testuser at localhost's password: > Your password will expire in 31 minute(s). <=> Last login: Wed Jun 8 12:22:08 2016 from localhost.localdomain > > ]$ ldapsearch -LLL -D uid=testuser,ou=People,dc=example,dc=com -w > redhat "cn=testuser" -e ppolicy > ldap_bind: Success (0) (Password expires in 1808 seconds) <=> dn: uid=testuser,ou=People,dc=example,dc=com > > Does the same can be done for dovecot users authenticated by OpenLDAP > in IMAP/POP? > > > Thanks, >How would this warning get shown to people? Aki
mkawada at redhat.com
2016-Jun-08 08:05 UTC
password expire warning for dovecot users in IMAP/POP login
Aki-san, Thanks for your feedback. Whatever ways will do. For instance, in a thunderbird mail client, a pop-up message or notification email telling client that the password will be expired in XX days, something like this, would be nice. Thanks, Masaharu Kawada On 2016?06?08? 15:49, Aki Tuomi wrote:> > On 08.06.2016 09:37, mkawada at redhat.com wrote: >> Dear list, >> >> Is it possible to give a notification about password exprire warning >> to users authenticated by OpenLDAP when the users login via dovecot >> using IMAP or POP? For example, when you ssh to a server and/or run >> ldapsearch, you can be warned with password expire warning like below: >> >> # ssh testuser at localhost >> testuser at localhost's password: >> Your password will expire in 31 minute(s). <=>> Last login: Wed Jun 8 12:22:08 2016 from localhost.localdomain >> >> ]$ ldapsearch -LLL -D uid=testuser,ou=People,dc=example,dc=com -w >> redhat "cn=testuser" -e ppolicy >> ldap_bind: Success (0) (Password expires in 1808 seconds) <=>> dn: uid=testuser,ou=People,dc=example,dc=com >> >> Does the same can be done for dovecot users authenticated by OpenLDAP >> in IMAP/POP? >> >> >> Thanks, >> > How would this warning get shown to people? > > Aki-- Masaharu Kawada
Juan Bernhard
2016-Jun-08 13:31 UTC
password expire warning for dovecot users in IMAP/POP login
El 08/06/2016 a las 03:37 a.m., mkawada at redhat.com escribi?:> Dear list, > > Is it possible to give a notification about password exprire warning to > users authenticated by OpenLDAP when the users login via dovecot using > IMAP or POP? For example, when you ssh to a server and/or run > ldapsearch, you can be warned with password expire warning like below: > > # ssh testuser at localhost > testuser at localhost's password: > Your password will expire in 31 minute(s). <=> Last login: Wed Jun 8 12:22:08 2016 from localhost.localdomain > > ]$ ldapsearch -LLL -D uid=testuser,ou=People,dc=example,dc=com -w > redhat "cn=testuser" -e ppolicy > ldap_bind: Success (0) (Password expires in 1808 seconds) <=> dn: uid=testuser,ou=People,dc=example,dc=com > > Does the same can be done for dovecot users authenticated by OpenLDAP in > IMAP/POP? > > > Thanks, >I think the easiest solution it to send a mail to the user that the password will expire. A cron job and a shell script should do the work. I don't know any mechanism to send this kind of message via POP. Saludos, Juan.
KT Walrus
2016-Jun-08 15:26 UTC
password expire warning for dovecot users in IMAP/POP login
> I think the easiest solution it to send a mail to the user that the password will expire. A cron job and a shell script should do the work. > I don't know any mechanism to send this kind of message via POP.I agree with you. Don?t bother trying to alert the user when he logs in (where there is no universal client support for such alerts). But, simply send a notification message from a cron script to their mailbox (a couple days before expiration). You could mark the message as high priority/urgent just in case their client displays such messages more prominently than normal inbox new messages. IMAP or POP login is usually done by the email client in the background and the user isn?t necessarily even around to handle the alert. But, clients are used to alerting the user that they have new mail. So, simply sending a notification message, from a cron job, to their INBOX is definitely the way I would go. Kevin> On Jun 8, 2016, at 9:31 AM, Juan Bernhard <juan at inti.gob.ar> wrote: > > > El 08/06/2016 a las 03:37 a.m., mkawada at redhat.com <mailto:mkawada at redhat.com> escribi?: >> Dear list, >> >> Is it possible to give a notification about password exprire warning to >> users authenticated by OpenLDAP when the users login via dovecot using >> IMAP or POP? For example, when you ssh to a server and/or run >> ldapsearch, you can be warned with password expire warning like below: >> >> # ssh testuser at localhost >> testuser at localhost's password: >> Your password will expire in 31 minute(s). <=>> Last login: Wed Jun 8 12:22:08 2016 from localhost.localdomain >> >> ]$ ldapsearch -LLL -D uid=testuser,ou=People,dc=example,dc=com -w >> redhat "cn=testuser" -e ppolicy >> ldap_bind: Success (0) (Password expires in 1808 seconds) <=>> dn: uid=testuser,ou=People,dc=example,dc=com >> >> Does the same can be done for dovecot users authenticated by OpenLDAP in >> IMAP/POP? >> >> >> Thanks, >> > I think the easiest solution it to send a mail to the user that the password will expire. A cron job and a shell script should do the work. > I don't know any mechanism to send this kind of message via POP. > > Saludos, Juan.