LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 08-26-2008, 02:10 AM   #1
codeape
Member
 
Registered: Feb 2004
Distribution: Debian
Posts: 62

Rep: Reputation: 15
PAM LDAP authentication password policy questions


I'd like to implement a password policy for the users in my ldap db.
I'm using RHEL openldap as the server and RHEL/solaris/etc as ldap clients.


How can I accomplish the following:

1 - Automatic password expiration.
2 - X days warning in advance of expiration.
3 - Force user to change password before expiration ! Is this even possible??
4 - Verify password complexity for new passwords.

There is a schema file with definitions that seem to deal with some of the above:
nis.schema - shadowMax, shadowWarning, shadowExpire
In my ldap db, these are user-properties, so not part of a policy profile and the nis.schema does not seem to facilitate a forced password change before passwords expire.
I tried fiddling with these properties, but without the desired results.

If there are arguments that could be made why forcing users to change their passwords before expiration is a bad idea, I'd gladly hear them.

Kind regards,
Ape
 
  


Reply

Tags
authentication, ldap, password, policy


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
LDAP + PAM Password Policy. FragInHell Linux - Security 0 11-29-2007 10:16 PM
vsftpd using Ldap+pam authentication issue PhillipHuang Linux - Software 1 09-26-2006 10:43 PM
pam ldap limit authentication hassan2 Suse/Novell 0 08-01-2005 06:03 PM
pam and ldap authentication problem abrb220 Linux - Networking 2 07-31-2005 03:49 PM
Squid PAM authentication and LDAP redmat Linux - Newbie 1 09-03-2004 07:22 PM


All times are GMT -5. The time now is 03:30 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration