What I meant is all you know is the expiration date.  You will not know any of the expiration information on top of that like when to start warning, if they have already been warned or if they have used grace logins.  The reason these LDAP v3 requests exist is to be able to get extra information just like this.<br>

<br><div class="gmail_quote">2010/9/24 Morris, Patrick <span dir="ltr">&lt;<a href="mailto:patrick.morris@hp.com">patrick.morris@hp.com</a>&gt;</span><br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">



  
    
  
  <div bgcolor="#ffffff" text="#000000">
    It&#39;s not true that this only tells you if it has expired.  It tells
    you *when* it will expire if it&#39;s going to, which is what Ondrej
    said he was looking for.  If you want to know, for example, if
    someone&#39;s password will expire within a week, that field will tell
    you.<div><div></div><div class="h5"><br>
    <br>
    On 9/24/2010 9:51 AM, Aaron Hagopian wrote:
    <blockquote type="cite">This only tells you if their password has expired but
      you will not know if there are grace logins and this also doesn&#39;t
      tell you give you password warnings without trying to lookup the
      policy.  You can get all of the password information using ldap
      extended operations (part of LDAP v3 I think).
      <div>
        <br>
      </div>
      <div>I am using this with great success in java but not sure how
        much is implemented in PHP.  Maybe someone on this list or a php
        list may know better.</div>
      <div><br>
      </div>
      <div><br>
        <br>
        <div class="gmail_quote">
          2010/9/24 Morris, Patrick <span dir="ltr">&lt;<a href="mailto:patrick.morris@hp.com" target="_blank">patrick.morris@hp.com</a>&gt;</span><br>
          <blockquote class="gmail_quote" style="margin:0pt 0pt 0pt 0.8ex;border-left:1px solid rgb(204, 204, 204);padding-left:1ex">
            <div>  On 9/23/2010 8:13 PM, Ondrej Ivanič wrote:<br>
              &gt; Hi,<br>
              &gt;<br>
              &gt; Is there any way how to query user&#39;s password policy
              related<br>
              &gt; attributes? I&#39;m interested in password expiration
              date in order to<br>
              &gt; show warning message.<br>
              <br>
            </div>
            Just look for &quot;passwordExpirationTime&quot; on the account entry.
             You&#39;ll<br>
            need to ask for it specifically.<br>
            <div>
              <div>--<br>
                389 users mailing list<br>
                <a href="mailto:389-users@lists.fedoraproject.org" target="_blank">389-users@lists.fedoraproject.org</a><br>
                <a href="https://admin.fedoraproject.org/mailman/listinfo/389-users" target="_blank">https://admin.fedoraproject.org/mailman/listinfo/389-users</a><br>
              </div>
            </div>
          </blockquote>
        </div>
        <br>
      </div>
    </blockquote>
    <br>
  </div></div></div>

<br>--<br>
389 users mailing list<br>
<a href="mailto:389-users@lists.fedoraproject.org">389-users@lists.fedoraproject.org</a><br>
<a href="https://admin.fedoraproject.org/mailman/listinfo/389-users" target="_blank">https://admin.fedoraproject.org/mailman/listinfo/389-users</a><br></blockquote></div><br>