expired should not be allowed to reset password, Any property to set this condition ?


Neha Ganorkar

Feb 8, 2023, 6:37:47 AM
to pwm-general

I want accounts which have expired to not be allowed to reset their password.

Show a message to the Helpdesk that the account is expired and do not allow the password reset, so that there is no misuse of the expired accounts.

Is there any property to set this condition in PwmConfiguration.xml?

Jason Rivard

Feb 8, 2023, 6:34:33 PM
to pwm-general
I'm assuming you mean "account disabled" and not "password expired". The definitions for these terms depend on your LDAP directory, and the status of these conditions is controlled by your LDAP directory, not PWM. If you can clarify what you mean and which LDAP directory you're using, I might have a better answer...

Neha Ganorkar

Feb 9, 2023, 1:10:16 AM
to pwm-general
We are using OpenLDAP.
Through the bind account, all users' requests are intercepted through PWM to our LDAP directory.

CARLOS ANTONIO FERREIRA

Feb 14, 2023, 7:34:20 AM
to pwm-general
I am running into the same issue. Accounts are stored in AD. When the attribute userAccountControl is "514" (user disabled), PWM does not allow resetting of the password.

In this case, the system returns:

PWM 5065
Account is disable

Scenario: Although the user is not allowed to log in on a desktop (userAccountControl), he may be allowed, for example, to log in to a web application.
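The userAccountControl value 514 quoted in the last post, decoded as an added example that is not part of the thread and is not PWM code: it shows why 514 reads as "disabled" and how a helpdesk-side pre-check could separate a disabled account from an expired one in Active Directory. The `accountExpires` attribute and all function names are assumptions not mentioned in the thread, and none of this applies to OpenLDAP, which has no such attributes.

```python
from datetime import datetime, timedelta, timezone

# Subset of the stored userAccountControl bit flags in Active Directory.
UAC_FLAGS = {
    0x0002: "ACCOUNTDISABLE",
    0x0020: "PASSWD_NOTREQD",
    0x0200: "NORMAL_ACCOUNT",
    0x10000: "DONT_EXPIRE_PASSWORD",
}
NEVER_EXPIRES = (0, 0x7FFFFFFFFFFFFFFF)  # accountExpires values meaning "no expiry"
FILETIME_EPOCH = datetime(1601, 1, 1, tzinfo=timezone.utc)


def decode_uac(value):
    """Return the names of the known flags set in a userAccountControl value."""
    return [name for bit, name in UAC_FLAGS.items() if int(value) & bit]


def account_expiry(account_expires):
    """Convert accountExpires (100 ns ticks since 1601-01-01 UTC) to a datetime."""
    ticks = int(account_expires)
    if ticks in NEVER_EXPIRES:
        return None
    try:
        return FILETIME_EPOCH + timedelta(microseconds=ticks // 10)
    except OverflowError:  # beyond year 9999: treat as no expiry
        return None


def reset_blocked_reason(entry, now):
    """Return why a reset should be refused, or None if the account is usable."""
    if int(entry["userAccountControl"]) & 0x0002:
        return "account disabled"
    expiry = account_expiry(entry.get("accountExpires", 0))
    if expiry is not None and expiry <= now:
        return "account expired on " + expiry.date().isoformat()
    return None


if __name__ == "__main__":
    # Constructed sample entries, with attribute values as LDAP returns them (strings).
    now = datetime(2023, 2, 14, tzinfo=timezone.utc)
    samples = {
        "disabled": {"userAccountControl": "514"},
        "expired": {"userAccountControl": "512", "accountExpires": "133170048000000000"},
        "active": {"userAccountControl": "512", "accountExpires": "9223372036854775807"},
    }
    for name, entry in samples.items():
        flags = decode_uac(entry["userAccountControl"])
        print(name, flags, reset_blocked_reason(entry, now))
```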