Fedora directory users - Feb 2009 - Should the password policy set the shadow* attributes on user add?

I''ve configured a global password policy but when I add a user none of 
the shadowMax/shadowWarning/etc attributes are set.  Is this expected? 
With this cause a problem?

-- 
Orion Poplawski
Technical Manager                     303-415-9701 x222
NWRA/CoRA Division                    FAX: 303-415-9702
3380 Mitchell Lane                  orion@cora.nwra.com
Boulder, CO 80301              http://www.cora.nwra.com

On Fri, 2009-02-06 at 09:44 -0700, Orion Poplawski
wrote:
> I''ve configured a global password policy but when I add a user
none of
> the shadowMax/shadowWarning/etc attributes are set.  Is this expected? 
> With this cause a problem?
> 
I''m not an expert on this but I would assume you have enabled the posix
account. However, I do not believe those fields are part of the
posixaccount objectclass.  Rather, I think you need to add a
shadowaccount objectclass.  Not sure - John
-- 
John A. Sullivan III
Open Source Development Corporation
+1 207-985-7880
jsullivan@opensourcedevel.com

http://www.spiritualoutreach.com
Making Christianity intelligible to secular society

Orion Poplawski wrote:
> I''ve configured a global password policy but when I add a user
none of
> the shadowMax/shadowWarning/etc attributes are set.  Is this expected? 
> With this cause a problem?
I''m assuming you mean you have configured password policy in the 
directory server itself.  AFAIK that is not compatible with the older 
shadow* attributes - you have to tell pam/pam_ldap to use the newer LDAP 
based password policy.