W/o having tried it I'd say no (certainly not out of the box,
anyway). You can obviously pretty much store whatever you
like in LDAP, but there's no way that it'd get enforced.
I don't know the internal works of AD, either, but I'd think
that SOME HOOK on windows takes care of the enforcement rather
than AD actively pushing stuff.
That said: you should be able to code something like this
yourself ;} ... with the only problem being that it will most
likely become rather distro-specific.
Cheers,
Tink
Last edited by Tinkster; 01-22-2007 at 12:00 PM.
|