LinuxQuestions.org


skumar217 09-25-2018 08:35 AM

How to force open LDAP user to change their password at first login
 
Hi,

I have configured OpenLDAP on one of my Linux servers and set a password policy for users. Everything is working fine, but now I am unable to fix two requirements:

1> How we can force LDAP user to change their password at first login.

2> How to set an alert on LDAP, so that users will be prompted before LDAP password expiry while logging in on their systems.

Please help.

Thanks,
Niraj

TB0ne 09-25-2018 08:58 AM

Quote:

Originally Posted by skumar217 (Post 5907579)
Hi,
I have configured OpenLDAP on one of my Linux servers and set a password policy for users. Everything is working fine, but now I am unable to fix two requirements:

1> How we can force LDAP user to change their password at first login.
2> How to set an alert on LDAP, so that users will be prompted before LDAP password expiry while logging in on their systems.

See the "Question Guidelines" link in my posting signature. We are happy to help, but you need to do basic research first (and provide full details) when asking a question. You don't say what version/distro of Linux, or what kind of clients are logging in.

Both of your questions have many, MANY hits in Google, with examples and suggestions, such as "force ldap users to change password after first login", and "password expiration alert". Without knowing what you have done/tried so far, we can't suggest what may be wrong or how to fix it. What HAVE you done/tried?

Hints:
  1. Setting ShadowLastChange may work
  2. The pwdLastSet entity in LDAP can be read upon login; simple math done in a login script can tell you how many days and do whatever you'd like
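
The arithmetic behind the two hints above, as an added example that is not part of any post in this thread: it reads the RFC 2307 shadowAccount attributes from an LDIF entry and reports whether the password must be changed, has expired, or is inside the warning window. `shadowMax` and `shadowWarning` are not named in the thread; the example assumes the client's PAM/NSS stack maps these attributes and treats `shadowLastChange: 0` as "change at next login" the way shadow(5) does, and the sample entry and `BASE` are constructed placeholders.

```shell
#!/bin/sh
# Added example, not from the thread. Attribute values are days since 1970-01-01.

# Today's date expressed in the same unit as shadowLastChange.
today_days() { echo $(( $(date +%s) / 86400 )); }

# Constructed sample entry, shaped like `ldapsearch -LLL` output.
sample_entry() {
    cat <<'EOF'
dn: uid=jdoe,ou=People,dc=example,dc=com
shadowLastChange: 17790
shadowMax: 90
shadowWarning: 7
EOF
}

# password_state TODAY < ldif
# Prints: must-change | expired | warn N | ok N | ok never | unknown
password_state() {
    awk -F': ' -v today="$1" '
        { key = tolower($1) }      # LDAP attribute names are case-insensitive
        key == "shadowlastchange" { slast = $2; have_last = 1 }
        key == "shadowmax"        { smax = $2;  have_max = 1 }
        key == "shadowwarning"    { swarn = $2 }
        END {
            if (!have_last)             { print "unknown"; exit }
            if (slast + 0 == 0)         { print "must-change"; exit }  # forced reset
            if (!have_max || smax < 0)  { print "ok never"; exit }     # no maximum age
            left = slast + smax - today                                # days remaining
            if (left < 0)               { print "expired"; exit }
            if (left <= swarn + 0)      { print "warn " left; exit }
            print "ok " left
        }'
}

# In a login script the input would come from the directory, for example
# (BASE is a placeholder for the site's search base):
#   ldapsearch -LLL -x -b "$BASE" "(uid=$USER)" \
#       shadowLastChange shadowMax shadowWarning | password_state "$(today_days)"
sample_entry | password_state 17875    # constructed "today", 5 days before expiry
```
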

skumar217 09-25-2018 10:53 AM

Quote:

Originally Posted by TB0ne (Post 5907592)
See the "Question Guidelines" link in my posting signature. We are happy to help, but you need to do basic research first (and provide full details) when asking a question. You don't say what version/distro of Linux, or what kind of clients are logging in.

Both of your questions have many, MANY hits in Google, with examples and suggestions, such as "force ldap users to change password after first login", and "password expiration alert". Without knowing what you have done/tried so far, we can't suggest what may be wrong or how to fix it. What HAVE you done/tried?

Hints:
  1. Setting ShadowLastChange may work
  2. The pwdLastSet entity in LDAP can be read upon login; simple math done in a login script can tell you how many days and do whatever you'd like

Hi,

Before posting my issue on this forum, we tried all entities mentioned in your reply but none of these are working. We did a lot of Google searching but did not get any fruitful solution. Hence I thought to put my problem here, in case any member can solve this issue.

Thanks,
Niraj

rtmistler 09-25-2018 12:06 PM

Quote:

Originally Posted by skumar217 (Post 5907636)
Hi,

Before posting my issue on this forum, we tried all entities mentioned in your reply but none of these are working. We did a lot of Google searching but did not get any fruitful solution. Hence I thought to put my problem here, in case any member can solve this issue.

Thanks,
Niraj

I find multiple solutions for exactly your original questions when I use google.

TB0ne 09-25-2018 02:03 PM

Quote:

Originally Posted by skumar217 (Post 5907636)
Hi,
Before posting my issue on this forum, we tried all entities mentioned in your reply but none of these are working. We did a lot of Google searching but did not get any fruitful solution. Hence I thought to put my problem here, in case any member can solve this issue.

Sorry, I doubt you tried 'all entities' you found with a Google search. Putting the phrases given to you before pulls up LOTS, with commands and examples, that do exactly what you asked.

Again: WHAT did you do/try??? And you STILL don't provide details about your system, clients, or what the results of the commands you supposedly tried were.


All times are GMT -5.