Hi,

I have successfully configured OpenLDAP Server in rhel7.2.I have also implemented password policy as per URL https://access.redhat.com/solutions/2710021.

LDAP client server authentication is working fine.

I want whenever any LDAP user logs in to LDAP client,it should show how many days are left before password expiration.

For the same I have modified my ldap password policy by "ldapmodify" command with "pwdExpireWarning" same as that of "pwdMaxAge".

When a user logs in to LDAP client,ldap user simply gets logged in with no message at loggin prompt.

Although i can see "password expiry" of user ldap219346 got changed.


code:

Logs in /var/log/ldap.log
Oct 16 06:18:39 <LDAP_Server> slapd[1701]: ppolicy_bind: Setting warning for password expiry for uid=ldap219346,ou=People,dc=domain,dc=com = 2588352 sec
onds

LDAP server password policy:
# cat passwordpolicy.ldif
dn: cn=default,ou=policies,dc=domain,dc=com
cn: default
objectClass: pwdPolicy
objectClass: device
objectClass: top
pwdAttribute: userPassword
pwdMaxAge: 2592000
pwdExpireWarning: 604800
pwdInHistory: 4
pwdCheckQuality: 1
pwdMinLength: 14
pwdMaxFailure: 3
pwdLockout: TRUE
pwdLockoutDuration: 300
pwdGraceAuthNLimit: 0
pwdFailureCountInterval: 0
pwdMustChange: TRUE
pwdAllowUserChange: TRUE
pwdSafeModify: FALSE

LDAP server updated password policy:
# cat updatepasswordpolicy.ldif
dn: cn=default,ou=policies,dc=domain,dc=com
changetype: modify
replace: pwdExpireWarning
pwdExpireWarning: 2592000



When i logged in LDAP client:

[LDAP client]# su - ldap219346
Last login: Mon Oct 16 07:09:02 CDT 2017 on pts/0
[LDAP client]$

Please suggest.


Thanks

Kindly help

Hello Fellows!
Did anybody faced the same?
I am facing the same.
In fact, i am using OPENLDAP server on Suse 11 SP1, and my client is Suse 10 SP2.
In Suse 11 sp1 is displaying, but, in Suse 10 it is not displaying.
Would be happy if any of you could help.
thanks!