LDAP authentication and shadowExpire

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

LDAP authentication and shadowExpire

Mantas Gegužis
Hi,

I am trying to configure Dovecot (2.2.27) with LDAP passdb,  
specifically with authentication binds  
(https://wiki.dovecot.org/AuthDatabase/LDAP/AuthBinds).

Atribute shadowExpire has a unix time stamp value. Is there a way to  
write pass_filter like shadowExpire<ToDay?

Or maybe there is better way to implement password expiration in Dovecot?


--
Pagarbiai
Mantas Gegužis
VU Informacinių technologijų taikymo centras
Reply | Threaded
Open this post in threaded view
|

Re: LDAP authentication and shadowExpire

Steffen Kaiser-9
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Mon, 30 Oct 2017, Mantas Gegužis wrote:

> I am trying to configure Dovecot (2.2.27) with LDAP passdb, specifically with
> authentication binds (https://wiki.dovecot.org/AuthDatabase/LDAP/AuthBinds).
>
> Atribute shadowExpire has a unix time stamp value. Is there a way to write
> pass_filter like shadowExpire<ToDay?
>
> Or maybe there is better way to implement password expiration in Dovecot?

No, I think not.
I use another LDAP attribute to deny access to a certain service, using
the %s variable.

You could think about adding a new variable to Dovecot.

- --
Steffen Kaiser
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQEVAwUBWfrONXz1H7kL/d9rAQIL8QgAoNmPOJTE0tQZEHhIQGOZ0cq1tsXPoRTn
eOXv+t3uzPJG2xOGq4PmV8fEtJOJANal6k6oW9wAUSqJFYqQhZsO3qXt8ORYjkM8
wM7TBFNGcjPBLkQ9azIJFdIp9FZ6gX76mK67TrJ2kDcALt+KQ5sB0LNs5aAxBDIv
EidTm1NHzNuUYHdF2G2dLRl0y0yy/6kKuJNs1hXDhV/qPdl6fWPkeXtMek7ig6q6
RqF9al5F3FzRTem2mL0NcUKMUfb8bjOcyHhhOBfL/f2RJWqDII+3Ucv8bDRdth0Z
gy9GmY9ad0d+G54oKSrrykiEQfsK7lJ9RFZfSoMAg3jLs+zLenHxsQ==
=glYL
-----END PGP SIGNATURE-----