5 Mar
2015
5 Mar
'15
1:35 a.m.
Hello,
I am trying to implement a trial [period] for new customers, using the OpenLDAP password policy overlay.
I was thinking about setting a combination of pwdMaxAge, pwdMustChange and pwdAllowUserChange.
Basically, the best idea I have had is to set MaxAge to the length of trial [in seconds] then in a user changes the password while in trial mode, calculate MaxAge as (trial_length - time_passed), then at the end setting MustChange to true and AllowUserChange to false [until the trial has been converted].
Is that a sane policy? Should I be doing something totally different? Please advise.
Sincerely,
Igor Shmukler