Dear Team, Is there any Schema or Attribute which can be used to disable user account if that account is not being used from one month or by providing date in advance to disable the account in future automatically.
On Wednesday 26 November 2008 05:45:39 piyush joshi wrote:
Dear Team, Is there any Schema or Attribute which can be used to disable user account if that account is not being used from one month or by providing date in advance to disable the account in future automatically.
I assume you mean disabling a unix account, you can use password aging (shadow) atributes from the nis schema, smbldap-tools manages that, and some others to disable samba accounts.
On Wed, Nov 26, 2008 at 05:15:39PM +0530, piyush joshi wrote:
Is there any Schema or Attribute which can be used todisable user account if that account is not being used from one month or by providing date in advance to disable the account in future automatically.
Some of those things can be done using password policies:
http://www.openldap.org/doc/admin24/overlays.html#Password%20Policies
Note that such policies only affect authentication *to the LDAP server* so you will need to consider how your applications use LDAP: If they authenticate users by binding to LDAP as the user then the password policy will probably do what you want. On the other hand, if authentication is done by reference to attributes read from the user entry then the policy will not do anything.
Andrew
openldap-technical@openldap.org
-
Andrew Findlay -
Jorge Armando Medina -
piyush joshi