last login date supported in 389-ds?
On 06/08/2011 03:59 PM, brandon wrote:
> After having searched a bit, I think I know the answer. However, I am
> asking the question in hopes that people may know of a project or effort
> underway that I can dig into.
> We have a requirement to record user activity (or more notably
> inactivity). This is separate from password expiration. If an account
> is inactive for X days, it must be auto-disabled. Since we are using a
> directory server across hundreds of systems, the only way to do this is
> in the directory.
> Is there a schema option in 389-ds to support this, and concurrently a
> pam module or extension to pam_ldap that supports it?
> Ideally, pam_ldap would just have an option 'lastlog on' that would just
> update the attribute on the user's object.
> If there are not even any efforts to this end, I'll probably just hack
> up something and put it into the .profile, but I was hoping to hedge off
> of something else...
> 389 users mailing list
389 users mailing list