With the Openldap password policy I was able to lock the account after a certain number of failed login attempts. When I reset the password, the user can login whenever. What I want to ask is, is there a way to make the password expire if the user doesn't login within lets say 24 hours after the password has been reset? Thank you! Jeevan
Take a look at pwdReset TRUE
On Jul 11, 2013, at 11:39 AM, "jeevan kc" jeev_biz@hotmail.com wrote:
With the Openldap password policy I was able to lock the account after a certain number of failed login attempts. When I reset the password, the user can login whenever. What I want to ask is, is there a way to make the password expire if the user doesn't login within lets say 24 hours after the password has been reset? Thank you! Jeevan
Hi Michael I looked at the pwdReset TRUE and it deals with the user changing his password after the password is reset before making the bind. What I'm looking for is making the temporary password expire if the user doesn't login within a certain timeframe. Thank you
Jeevan
Subject: Re: How to make a temporary password expire? From: mlstarling31@hotmail.com Date: Thu, 11 Jul 2013 11:42:10 -0400 To: jeev_biz@hotmail.com CC: openldap-technical@openldap.org
Take a look at pwdReset TRUE
On Jul 11, 2013, at 11:39 AM, "jeevan kc" jeev_biz@hotmail.com wrote:
With the Openldap password policy I was able to lock the account after a certain number of failed login attempts. When I reset the password, the user can login whenever. What I want to ask is, is there a way to make the password expire if the user doesn't login within lets say 24 hours after the password has been reset? Thank you! Jeevan
jeevan kc wrote:
What I'm looking for is making the temporary password expire if the user doesn't login within a certain timeframe.
Not feasible.
Generally I deal with password resets by setting a separate credential with limited TTL in custom attributes and force the user to set a new password on a web page which resets those custome attributes.
Ciao, Michael.
openldap-technical@openldap.org
-
jeevan kc -
Michael Starling -
Michael Ströder