[389-users] 389 Server force user password expiry
Bedorf, Paul
Paul.Bedorf at mosaic.com
Tue Oct 6 14:02:22 UTC 2015
Hi William, do you know where can I find this ' nsAccountLock ' attribute?
__________________________________________________
Paul Bedorf | Linux Administrator | Mosaic
O: 905.238.8058 x 6414 | M: 416.799.4028
mosaic.com
-----Original Message-----
From: 389-users-bounces at lists.fedoraproject.org [mailto:389-users-bounces at lists.fedoraproject.org] On Behalf Of William Brown
Sent: Monday, October 05, 2015 7:03 PM
To: General discussion list for the 389 Directory server project.
Subject: Re: [389-users] 389 Server force user password expiry
On Mon, 2015-10-05 at 16:14 -0400, Rob Crittenden wrote:
> Bedorf, Paul wrote:
> > I am running a 389 Directory Server v1.2.9.9
> >
> > We have enabled a password policy as follows:
> >
> >
> >
> > However, I don’t want to wait until tomorrow for my ‘test’ user to
> > expire, as im doing some API testing and need the ‘test’
> >
> > user to expire at any time. How would I force a user password expiry
> > on an individual account?
> >
>
> A coarse way to do it is to manually advance the system clock. Or find
> the attribute holding the expiration date and tweak it.
Set either nsAccountLock: true or change accountUnlockTime: to be in the future.
You can get the current DS system time for the root DSE, and just add to it.
--
William Brown <william at blackhats.net.au>
--
389 users mailing list
389-users at lists.fedoraproject.org
http://cp.mcafee.com/d/5fHCN8gdEIccnushud79KVJ5BNdBYQsK6QmhObyoVASyUed7bab3VIs-OyqenXI6RJrfUxW5oKwFmJdBrBPqJqraTbCXqztB5N_HYyyed7bOvnKnjjuuVdZdNZzG8FHnjlKyVOEuvkzaT0QSyrhdTV555MQsLe8FTdTdAVPmEBCqwHa7e-xmeHhG8_qv00s4RtxxYGjB1SKcL6zAKTjUQdIL6zAKTjUQbAaJMJZ0kvaAWsXW5oWJ6EzZFY01dIe6zCVI5-Aq83iSOYqeiXtfzgQKCy1BUQsCy0o-9DUCy1SIruq86Wv4QgbrixyIk3h1UuJa9oS-OraeIo
More information about the 389-users
mailing list