24 Mar
2010
24 Mar
'10
12:45 a.m.
On Wednesday, 24 March 2010 03:37:15 Chris Jacobs wrote:
Okay, it says: "If pwdChangedTime does not exist, the user's password will not expire."
How have you guys dealt with this?
Just reset the passwords the current values, with something along the lines of:
ldapsearch -x -D $rootdn -W -L "(&(objectclass=posixAccount)(! (pwdChangedTime=*)))" userPassword|ldapmodify
I suspect that just asking people to please change their passwords so we can make sure they expire will result in a low turn-out rate. :p
Depending on how your users access the directory, setting pwdReset to TRUE may be an alternative.
Regards, Buchan