2017 Oct 30
LDAP authentication and shadowExpire
Hi, I am trying to configure Dovecot (2.2.27) with LDAP passdb, specifically with authentication binds ( Attribute shadowExpire has a unix time stamp value. Is there a way to write pass_filter like shadowExpire<ToDay? Or maybe there is a better way to implement password expiration in Dovecot? -- Regards, Mantas Gegužis VU Informacinių technologijų taikymo centras
2011 Apr 01
LDAP expired password
hi all, I'm using postfix, LDAP, dovecot and horde for webmail. user and password information is stored in LDAP. I'm attempting to get password aging working properly and am not having much luck. even if the password has expired the user can log in, can I tell dovecot to control the LDAP field shadowexpired? or is there some other way to check properly that the password is expired before allowing the user to log in? thanks /roby
2011 Aug 11
LDAP - Shadow options
...last change of the shadow file * Shadowwarning : nr of days before expiration to warn user. What I'm trying to do is have the users' password expire, that works ok. But how can I have them get a warning message? setting Shadowwarning doesn't seem to be doing it. Do I have to set Shadowexpire as well for this? Also, how can I have users change the password at first logon? I cannot configure the LDAP files themselves, I only have access via phpLDAPadmin. Thanks for any advice. greetings, James -- Johan Vermeulen IT staff member Caw De Kempen johan.vermeulen at 04...
2004 Jan 09
Account Expiry
Is there any way to make a user account expire, similar to the shadowExpire attribute in nis.schema? --beast
2011 Jan 13
Problem: how to make users use unique passwords
Hello, To harden security, I've modified the smbldap-passwd script so that it updates the sambaPwdMustChange, sambaKickoffTime and shadowExpire fields; also, a simple script notifying users with expiration date approaching has been set up. I have also added a call to cracklib to check password strength prior to applying it. It all works well, but the task is to force users to use a unique password every time they have to change it. A typic...
2010 Aug 26
Migrating samba domain to new computer.
Should have read this first: Problem is I did it the wrong way on a few production systems. Odds are this is the second time I did it wrong. Running Debian Lenny using smbldap. It mostly works. Existing members of the domain are working OK. The first thing that got my attention is was not able to join
2010 Jul 26
OpenLDAP authentication, account expired when it's not.
...ntOS client machine, and don't find anything that helps me figure out what is causing it to think the account has expired. The LDAP attributes that I think are relevant on a test account are below. I don't see anything here that looks hinky, but then I am fairly ignorant on PAM authentication. shadowExpire 0 shadowFlag 0 shadowInactive 0 shadowLastChange 14816 shadowMax 99999 shadowMin 0 shadowWarning 7 Bill -- INTERNET: bill at Bill Campbell; Celestial Software LLC URL: PO Box 820; 6641 E. Mercer Way Voice: (206) 236-1676 Mercer Is...
2004 Aug 31
...tClass=posixAccount)(uid=%u)) pass_attrs = uid,userPassword pass_filter = (&(objectClass=posixAccount)(uid=%u)) default_pass_scheme = PLAIN user_global_uid = 1000 user_global_gid = 1000 and, an LDIF example: dn: uid=mwerly, ou=002F83, ou=machines, ou=fr, o=dental-on-line displayName: WERLY Marc shadowExpire: -1 mobile: 000 objectClass: top objectClass: person objectClass: organizationalPerson objectClass: inetOrgPerson objectClass: posixAccount objectClass: shadowAccount userPassword:: eHh4 shadowLastChange: 10000 facsimileTelephoneNumber: uid: mwerly uidNumber: 12164 cn: Marc WERLY sh...
2005 Mar 07
dovecot patch for TCB auth
...| Institut Pasteur, Paris, France <hummel at> | Pôle informatique - systèmes et réseau -------- Here are some details about which attribute we're planning to use and their TCB equivalents uidNumber ~ u_id uid ~ u_name userPassword ~ u_pwd shadowLastChange ~ u_succhg shadowExpire ~ u_expdate shadowMax ~ u_life shadowWarning ~ u_exp [ shadowWarning = u_life - u_exp] plus the one we wrote : maxTries ~ u_maxtries [ maximum number of consecutive unsuccessful login attempts to the account that are permitted until the account is disabled ] numUnsucLog ~ u_numunsuclog...
2015 Feb 23
sssd - ldap host attribute ignored
Dear all, I have a problem with sssd in conjunction with ldap on a centos 7 x86_64 box. ldap works fine. I can log in there as a usual user registered in ldap. I now want to restrict the access with ldap's host attribute. This is being ignored. Still every ldap user can log in, no matter what the host attribute says. I googled around and only found that sssd.conf needs two lines: access_provider
2008 Jul 27
Problems to join domain (clients XP send false SID !)
Hi all. First, sorry for my poor English. I'm using samba on debian stable as PDC with backend ldap on a small network. Sometimes, and I don't know exactly when and why, there's a problem when clients XP3 join the domain (it blocks on the next window just after login while receiving the profile, sorry I don't know the message in the English version), and this, only on 2 physical
2015 May 05
ldap host attribute is ignored
...dNumber: **** shadowFlag: 0 shadowInactive: -1 gidNumber: *** shadowMin: -1 shadowMax: 999999 homeDirectory: /home/USER1 sn: USER1 mail: USER1 at mailHost: lmtp:unix:/var/lib/imap/socket/lmtp shadowWarning: 7 sambaSID: ***************************************** shadowExpire: -1 mailAlternateAddress: USER1a cn: surname lastname gecos: surname lastname loginShell: /bin/bash host: another-node What information is still missing? Any hint is welcome. Thank you in advance, ulrich
2009 Sep 10
ldap quota dovecot
...eople, dc=example, dc=com scope = subtree user_attrs = homeDirectory=home,uidNumber=uid,gidNumber=gid,telephoneNumber=quota_rule=*:storage=%$M user_filter = (&(objectClass=posixAccount)(uid=%u)) pass_attrs = uid=user,userPassword=password pass_filter = (&(objectClass=posixAccount)(uid=%u)(!(shadowExpire=*))) default_pass_scheme = CRYPT Imap shows correct quota, but dovecot lda doesn't reject mail and it gets overquota, maildirsize: 15728640S 28033743 4 If I add for example quota_rule = *:storage=20M to dovecot.conf it works, but I need per-user ldap quotas. It seems dovecot deliver ignores...
2004 Mar 11
LDAP issue, access denied adding machine to domain, and LDAP user can't make unix-login on the box.
...= Mar 11 16:01:43 compaq slapd[487]: conn=283 op=2 SRCH base="dc=login" scope=2 filter="(&(objectClass=shadowAccount)(uid=test3))" Mar 11 16:01:43 compaq slapd[487]: conn=283 op=2 SRCH attr=uid userPassword shadowLastChange shadowMax shadowMin shadowWarning shadowInactive shadowExpire shadowFlag Mar 11 16:01:43 compaq slapd[487]: conn=283 op=2 SEARCH RESULT tag=101 err=0 nentries=0 text= Mar 11 16:01:45 compaq slapd[395]: conn=283 fd=22 closed 7) My primary focus is to add the machines to domain, but i would like help with both issues if anyone could help Thanks in advanc...