On February 15, 2019 10:50:36 PM GMT+08:00, Howard Chu <hyc(a)symas.com> wrote:
slapd does not store plaintext passwords either.
sorry for spreading mis infomation based on my imagination. With ppolicy, can a
user change his password after his password expired? I'd think no, because you have to
bind before you modify the userpassword field, and if the password expired I'd think
bind will fail. OTOH, kerberos does allow user to change password after expiration. this
save me a lot of work, because my users always forgot to change pw in time.
Sent from my Android device with K-9 Mail. Please excuse my brevity.