Question about expired/expiring passwords
It’s up to the client to support warnings about password expiration (that true in general, not just where LDAP is involved).Â* I have no idea how, or even if, WS_FTP, Filezilla or pGina support that, but I suspect they don’t.
Â* In my environment I’ve written scripts that will send emails when a password is close to expiration, since the clients many of our users connect with will never do it. Â* From: 389-users-bounces@lists.fedoraproject.org [mailto:389-users-bounces@lists.fedoraproject.org] On Behalf Of harry.devine@faa.gov Sent: Thursday, August 09, 2012 1:02 PM To: 389-users@lists.fedoraproject.org Subject: [389-users] Question about expired/expiring passwords Â* In our environment, we have users that authenticate to our LDAP server in a few ways: Â* Â* Â* Â* 1) they log into the server directly using SSH via PuTTY; Â* Â* Â* Â* 2) they log in to our server using FileZilla or WS_FTP using SFTP; Â* Â* Â* Â* 3) they authenticate their account via the LDAP on a Windows server using pGina In method 1, they are prompted to change their password if it is expired, or are given the warning about the password will expire in X days. Â*How do I have the user get a similar warning/message when connecting via methods 2 and 3? Â*We have a lot of users who get themselves flustered because they think they have the right password, but because they're never warned or given a message, they think its wrong, put in a few more passwords, and eventually lock their account out. Any ideas? Harry Harry Devine Common ARTS Software Development AJM-245 (609)485-4218 Harry.Devine@faa.gov -- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users |
Question about expired/expiring passwords
Yeah, I figured as much, but thought
I'd ask. Â*I have a script that runs nightly to notify users of impending expirations, and it works well. Â*Unfortunately, they usually get ignored, which is why I thought if the "you password is due to expire in X days" hits them whereever and however they connect, that would help. No big deal. Â*Thanks for the help! Harry From: "Morris, Patrick" <patrick.morris@hp.com> To: "389-users@lists.fedoraproject.org" <389-users@lists.fedoraproject.org> Date: 08/09/2012 04:41 PM Subject: Re: [389-users] Question about expired/expiring passwords Sent by: 389-users-bounces@lists.fedoraproject.org It’s up to the client to support warnings about password expiration (that true in general, not just where LDAP is involved). Â*I have no idea how, or even if, WS_FTP, Filezilla or pGina support that, but I suspect they don’t. Â* In my environment I’ve written scripts that will send emails when a password is close to expiration, since the clients many of our users connect with will never do it. Â* From: 389-users-bounces@lists.fedoraproject.org [mailto:389-users-bounces@lists.fedoraproject.org] On Behalf Of harry.devine@faa.gov Sent: Thursday, August 09, 2012 1:02 PM To: 389-users@lists.fedoraproject.org Subject: [389-users] Question about expired/expiring passwords Â* In our environment, we have users that authenticate to our LDAP server in a few ways: Â* Â* Â* Â*1) they log into the server directly using SSH via PuTTY; Â* Â* Â* Â*2) they log in to our server using FileZilla or WS_FTP using SFTP; Â* Â* Â* Â*3) they authenticate their account via the LDAP on a Windows server using pGina In method 1, they are prompted to change their password if it is expired, or are given the warning about the password will expire in X days. Â*How do I have the user get a similar warning/message when connecting via methods 2 and 3? Â*We have a lot of users who get themselves flustered because they think they have the right password, but because they're never warned or given a message, they think its wrong, put in a few more passwords, and eventually lock their account out. Any ideas? Harry Harry Devine Common ARTS Software Development AJM-245 (609)485-4218 Harry.Devine@faa.gov[attachment "smime.p7s" deleted by Harry Devine/ACT/FAA] -- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users -- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users |
Question about expired/expiring passwords
I'm not familiar with #3 but for #2 you could add a check of the password age to the login process. The implement it universally but it in the etc login process.
On Aug 9, 2012 4:01 PM, <harry.devine@faa.gov> wrote: In our environment, we have users that authenticate to our LDAP server in a few ways: * * * * 1) they log into the server directly using SSH via PuTTY; * * * * 2) they log in to our server using FileZilla or WS_FTP using SFTP; * * * * 3) they authenticate their account via the LDAP on a Windows server using pGina In method 1, they are prompted to change their password if it is expired, or are given the warning about the password will expire in X days. *How do I have the user get a similar warning/message when connecting via methods 2 and 3? *We have a lot of users who get themselves flustered because they think they have the right password, but because they're never warned or given a message, they think its wrong, put in a few more passwords, and eventually lock their account out. Any ideas? Harry Harry Devine Common ARTS Software Development AJM-245 (609)485-4218 Harry.Devine@faa.gov -- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users -- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users |
| All times are GMT. The time now is 09:12 PM. |
VBulletin, Copyright ©2000 - 2013, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.