Are you doing this via an ldif file or stdin?<div><br></div><div>Try </div><div>echo -e "<span style>dn: uid=username,ou=people,dc=</span><span style>domain,dc=local\n</span><span style>changetype: delete\n</span><span style>delete: lastLoginTime\n\n" | ldapmodify -x -h yourhost -D"cn=directory manager" -wPaSsWoRd</span></div>
<div><span style><br></span></div><div><span style>Jim<br></span><br><div class="gmail_quote">On Wed, May 9, 2012 at 11:09 AM, Rich Megginson <span dir="ltr"><<a href="mailto:rmeggins@redhat.com" target="_blank">rmeggins@redhat.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000"><div class="im">
On 05/09/2012 10:09 AM, Ali Jawad wrote:
<blockquote type="cite">
<div dir="ltr">Hi Rich
<div>Seems I still got a problem, the users can't logon anymore,
I did try to </div>
<div><br>
</div>
<div>
<div>dn: uid=username,ou=people,dc=domain,dc=local</div>
<div>changetype: delete</div>
<div>delete: lastLoginTime</div>
<div><br>
</div>
<div>But I keep getting </div>
<div><br>
</div>
<div>
<div>ldapmodify: extra lines at end (line 3 of entry
"uid=username,ou=people,dc=domain,dc=local")</div>
</div>
<div><br>
</div>
<div>I checked for whitespaces, extra lines..but still same
issue</div>
<div><br>
</div>
<div>I did also check for lastLoginTime values in the users in
the interface, but the value is empty..so not sure if this
is the problem at all</div>
</div>
</div>
</blockquote>
<br></div>
does ldapmodify -d 1 give any more useful information?<div><div class="h5"><br>
<br>
<blockquote type="cite">
<div dir="ltr">
<div>
<div><br>
</div>
<div>Regards</div>
<div><br>
</div>
<div><br>
</div>
<div><br>
</div>
<div><br>
</div>
<div><br>
</div>
<div class="gmail_quote">On Wed, May 9, 2012 at 5:26 PM, Ali
Jawad <span dir="ltr"><<a href="mailto:ali.jawad@splendor.net" target="_blank">ali.jawad@splendor.net</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div dir="ltr">Hi Rich
<div>Your help is highly appreciated, I got it working,
thanks for your patience.<br>
Regards
<div>
<div><br>
<br>
<div class="gmail_quote">On Wed, May 9, 2012 at
5:19 PM, Rich Megginson <span dir="ltr"><<a href="mailto:rmeggins@redhat.com" target="_blank">rmeggins@redhat.com</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000">
<div> On 05/09/2012 08:17 AM, Ali Jawad
wrote: </div>
<blockquote type="cite">
<div dir="ltr">Hi
<div>
<div>Thanks Rich, just what I was
searching for, I am facing a problem
though "ldapmodify: No such object
(32) matched DN:
dc=domain,dc=local"at :</div>
<div><br>
</div>
<div>
<pre style="line-height:1.29em;font-family:'liberation mono','bitstream vera mono','dejavu mono',monospace;background-color:rgb(245,245,245);border-top-width:1px;border-right-width:1px;border-bottom-width:1px;border-left-width:1px;border-top-style:solid;border-right-style:solid;border-bottom-style:solid;border-left-style:solid;border-top-color:rgb(170,170,170);border-right-color:rgb(170,170,170);border-bottom-color:rgb(170,170,170);border-left-color:rgb(170,170,170);margin-bottom:0.3em;padding-top:0.5em;padding-right:1em;padding-bottom:0.5em;padding-left:1em;white-space:pre-wrap;word-wrap:break-word;font-size:0.9em;border-top-left-radius:11px;border-top-right-radius:11px;border-bottom-right-radius:11px;border-bottom-left-radius:11px">
[user@server ~]$ ldapmodify <strong>-a</strong> -D "cn=directory manager" -w secret -p 389 -h <a href="http://server.example.com" target="_blank">server.example.com</a> -x
dn: cn=Account Inactivation Policy,dc=example,dc=com
objectClass: top
objectClass: ldapsubentry
objectClass: extensibleObject
<strong>objectClass: accountpolicy</strong>
<strong>accountInactivityLimit: 2592000</strong>
cn: Account Inactivation Policy</pre>
</div>
<div><br>
</div>
<div>I am doing </div>
<div><br>
</div>
<div>
<div>[root@386-100-16 dirsrv]#
ldapmodify -D "cn=directory
manager" -w password -p 389 -h
x.x.x.x -x</div>
<div> <br>
</div>
<div>dn: cn=Account Inactivation
Policy,dc=domain,dc=local</div>
<div>objectClass: top</div>
<div>objectClass: ldapsubentry</div>
<div>objectClass: extensibleObject</div>
<div>objectClass: accountpolicy</div>
<div>accountInactivityLimit: 2592000</div>
<div>cn: Account Inactivation Policy</div>
<div>modifying entry "cn=Account
Inactivation
Policy,dc=domain,dc=local"</div>
<div><br>
</div>
<div>ldapmodify: No such object (32)</div>
<div> matched DN:
dc=domain,dc=local</div>
</div>
</div>
</div>
</blockquote>
<br>
Right. You are missing the ldapmodify -a -
see the original instructions
<div>
<div><br>
<br>
<blockquote type="cite">
<div dir="ltr">
<div> <br>
<div class="gmail_quote">On Wed,
May 9, 2012 at 4:47 PM, Rich
Megginson <span dir="ltr"><<a href="mailto:rmeggins@redhat.com" target="_blank">rmeggins@redhat.com</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000">
<div>
<div> On 05/09/2012 07:45
AM, Ali Jawad wrote:
<blockquote type="cite">
<div dir="ltr">Hi
<div>I have a
requirement to
disable inactive
users after 90
days. I did read
<a href="http://directory.fedoraproject.org/wiki/Account_Policy_Design" target="_blank">http://directory.fedoraproject.org/wiki/Account_Policy_Design</a>
but I am not sure
whether this is a
design proposal or
the
actual implementation. </div>
<div><br>
</div>
<div>My DS version
is :</div>
<div><br>
</div>
<div>
<div>rpm -qa |
grep 389</div>
<div>389-admin-console-1.1.8-1.el5</div>
<div>389-ds-base-1.2.9.9-1.el5</div>
<div>389-dsgw-1.1.7-2.el5</div>
<div>389-console-1.1.7-3.el5</div>
<div>389-adminutil-1.1.14-1.el5</div>
<div>389-admin-1.1.23-1.el5</div>
<div>389-admin-console-doc-1.1.8-1.el5</div>
<div>389-ds-1.2.1-1.el5</div>
<div>389-ds-base-libs-1.2.9.9-1.el5</div>
<div>389-ds-console-1.2.6-1.el5</div>
<div>389-ds-console-doc-1.2.6-1.el5</div>
</div>
<div>
<div><br>
</div>
I got </div>
<div><br>
</div>
<div>
<div>[root@386-100-16
dirsrv]#
ldapsearch -x -D
"cn=Directory
manager" -w
Password -b
"cn=config" -s
base
lastLoginTime</div>
<div># extended
LDIF</div>
<div>#</div>
<div># LDAPv3</div>
<div># base
<cn=config>
with scope
baseObject</div>
<div># filter:
(objectclass=*)</div>
<div># requesting:
lastLoginTime </div>
<div>#</div>
<div><br>
</div>
<div> # config</div>
<div>dn: cn=config</div>
<div><br>
</div>
<div># search
result</div>
<div>search: 2</div>
<div>result: 0
Success</div>
<div><br>
</div>
<div>#
numResponses: 2</div>
<div># numEntries:
1</div>
<div><br>
</div>
<div>and </div>
<div><br>
</div>
<div>
<div>[root@386-100-16
dirsrv]# grep
-i
lastlogintime
/etc/dirsrv/slapd-386-100-16/schema/*</div>
<div>/etc/dirsrv/slapd-386-100-16/schema/60acctpolicy.ldif:##
lastLoginTime
holds login
state in user
entries
(GeneralizedTime
syntax)</div>
<div>/etc/dirsrv/slapd-386-100-16/schema/60acctpolicy.ldif:attributeTypes:
(
2.16.840.1.113719.1.1.4.1.35
NAME
'lastLoginTime'</div>
</div>
<div><br>
</div>
<div>I am not sure
how to implement
this though,
please advice.</div>
</div>
</div>
</blockquote>
</div>
</div>
<a href="http://docs.redhat.com/docs/en-US/Red_Hat_Directory_Server/9.0/html/Administration_Guide/account-policy-plugin.html" target="_blank">http://docs.redhat.com/docs/en-US/Red_Hat_Directory_Server/9.0/html/Administration_Guide/account-policy-plugin.html</a><br>
<blockquote type="cite">
<div dir="ltr">
<div>
<div><br>
</div>
<div>Regards</div>
<br>
</div>
</div>
<br>
<span><font color="#888888">
<fieldset></fieldset>
<br>
<pre>--
389 users mailing list
<a href="mailto:389-users@lists.fedoraproject.org" target="_blank">389-users@lists.fedoraproject.org</a>
<a href="https://admin.fedoraproject.org/mailman/listinfo/389-users" target="_blank">https://admin.fedoraproject.org/mailman/listinfo/389-users</a></pre>
</font></span></blockquote>
<br>
</div>
</blockquote>
</div>
<br>
<br clear="all">
<div><br>
</div>
-- <br>
<div dir="ltr"><font><font color="#888888"><b>Ali Jawad<br>
</b></font></font>
<div>
<div><font><font color="#888888"><b>Information
Systems Manager</b></font></font></div>
<div><font><font color="#888888"><b>Splendor
Telecom <span>(</span><span style="background-color:rgb(51,51,255);color:rgb(51,102,255)"><a href="http://www.splendor.net/" target="_blank"><span style="background-color:rgb(255,255,255)"><font color="#3366ff">www.splendor.net</font></span></a></span><span>)</span><br>
Beirut, Lebanon<br>
Phone: <a href="tel:%2B9611373725" value="+9611373725" target="_blank">+9611373725</a>/ext
116<br>
FAX: <a href="tel:%2B9611375554" value="+9611375554" target="_blank">+9611375554</a></b></font></font></div>
</div>
</div>
<br>
</div>
</div>
</blockquote>
<br>
</div>
</div>
</div>
</blockquote>
</div>
<br>
<br clear="all">
<div><br>
</div>
-- <br>
<div dir="ltr"><font><font color="#888888"><b>Ali
Jawad<br>
</b></font></font>
<div>
<div><font><font color="#888888"><b>Information
Systems Manager</b></font></font></div>
<div><font><font color="#888888"><b>Splendor
Telecom <span>(</span><span style="background-color:rgb(51,51,255);color:rgb(51,102,255)"><a href="http://www.splendor.net/" target="_blank"><span style="background-color:rgb(255,255,255)"><font color="#3366ff">www.splendor.net</font></span></a></span><span>)</span><br>
Beirut, Lebanon<br>
Phone: <a href="tel:%2B9611373725" value="+9611373725" target="_blank">+9611373725</a>/ext 116<br>
FAX: <a href="tel:%2B9611375554" value="+9611375554" target="_blank">+9611375554</a></b></font></font></div>
</div>
</div>
<br>
</div>
</div>
</div>
</div>
</blockquote>
</div>
<br>
<br clear="all">
<div><br>
</div>
-- <br>
<div dir="ltr"><font><font color="#888888"><b>Ali Jawad<br>
</b></font></font>
<div>
<div><font><font color="#888888"><b>Information Systems
Manager</b></font></font></div>
<div><font><font color="#888888"><b>Splendor Telecom <span style>(</span><span style="background-color:rgb(51,51,255);color:rgb(51,102,255)"><a href="http://www.splendor.net/" target="_blank"><span style="background-color:rgb(255,255,255)"><font color="#3366ff">www.splendor.net</font></span></a></span><span style>)</span><br>
Beirut, Lebanon<br>
Phone: <a href="tel:%2B9611373725" value="+9611373725" target="_blank">+9611373725</a>/ext 116<br>
FAX: <a href="tel:%2B9611375554" value="+9611375554" target="_blank">+9611375554</a></b></font></font></div>
</div>
</div>
<br>
</div>
</div>
</blockquote>
<br>
</div></div></div>
<br>--<br>
389 users mailing list<br>
<a href="mailto:389-users@lists.fedoraproject.org">389-users@lists.fedoraproject.org</a><br>
<a href="https://admin.fedoraproject.org/mailman/listinfo/389-users" target="_blank">https://admin.fedoraproject.org/mailman/listinfo/389-users</a><br></blockquote></div><br></div>