Yes, I already have nis.ldif loaded. What else do you suggest?
From: Ulrich Windl <Ulrich.Windl(a)rz.uni-regensburg.de>
Date: Monday, October 24, 2016 at 11:17 PM
To: "Real, Elizabeth (392K)" <Elizabeth.Real(a)jpl.nasa.gov>,
Subject: Antw: openldap 2.4.40 ppolicy module and shadowInactive equivalent
"Real, Elizabeth (392K)"
<Elizabeth.Real@jpl.nasa.gov<mailto:Elizabeth.Real@jpl.nasa.gov>> schrieb am
20:43 in Nachricht
I setup a password policy overlay on my openldap 2.4.40 servers running
RHEL7. I need to enforce the following: disable accounts that have been
inactive for 180 days. In the past we were able to do this by simply adding
the shadowInactive attribute to each account: shadowInactive 180. But with
the new openldap, it appears there is no equivalent attribute??
Why didn't you "grep shadowInactive /etc/openldap/schema/*"?
It appears in nis.ldif, nis.schema, and rfc2307bis.schema.
(I only have SLES11 SP4 here, but there shouldn't be a big difference)