Hello,
I’ve done a lot or research and re-read the OpenLDAP configuration guides but I cannot get my OpenLDAP 2.39 server to not allow users with expired passwords to login to ldap enabled clients. What directive in the /etc/pam.d/ files controls the users password expiration attribute? pam_unix or pam_ldap?
Setup:
Server: RHEL7 OS Software: OpenLdap 2.4.39 server using slapd service
Client: RHEL7 OS Software: enabled Ldap via authconfig, using sssd service
Thank you, Liz
Hi,
No one. If password expire in openldap server, the client (whatever is it) bind *fail*. Thats all.
Cheers.
Le 28/08/2015 00:56, Real, Elizabeth (392K) a écrit :
Hello,
I’ve done a lot or research and re-read the OpenLDAP configuration guides but I cannot get my OpenLDAP 2.39 server to not allow users with expired passwords to login to ldap enabled clients. What directive in the /etc/pam.d/ files controls the users password expiration attribute? pam_unix or pam_ldap?
openldap-technical@openldap.org
-
Abdelhamid Meddeb -
Real, Elizabeth (392K)