Password expiration based on my LDAP


Alberto Viana

Aug 7, 2017, 3:25:18 PM
to pwm-g...@googlegroups.com
Hi,

I'm using PWM 1.8 with 389, and I realized that under the Active Directory config there is an option "Allow Authentication When Password Expired".

Is there an option like that under OpenLDAP or similar?

I also saw that I can control that (password expiration) via PWM, but it would be better for me to do that in my LDAP.

Thanks

Alberto Viana

Aug 8, 2017, 12:09:26 PM
to pwm-g...@googlegroups.com
Just a bit more info:

Check Expire During Authentication is set to true

INFO: 2017-08-08T13:03:27Z, ERROR, auth.SessionAuthenticator, {89} ldap error during search: 5001 ERROR_WRONGPASSWORD (ldap error during password check: unable to create connection: unable to bind to ldaps://ldap.my.domain:636 as uid=test.user,OU=teste,dc=my,dc=domain reason: [LDAP: error code 49 - password expired!])

Isn't this supposed to send the user to the change password screen?

Thanks 

Alberto Viana

Aug 9, 2017, 1:33:23 PM
to pwm-g...@googlegroups.com
Hi All,

I found the solution: in 389 I have to combine passwordExpirationTime and passwordGraceLimit, and everything works as expected.

Thanks
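
Added example (not part of the original thread, and not PWM or 389 code): a simplified Python model of why combining passwordExpirationTime with passwordGraceLimit lets an expired user still bind. It assumes 389 Directory Server counts used grace logins in passwordGraceUserTime and rejects the bind with error 49 once none are left; the function names and sample entry are constructed for illustration.

```python
from datetime import datetime, timezone

def parse_generalized_time(value):
    """Parse an LDAP GeneralizedTime such as 20170801000000Z (UTC only)."""
    return datetime.strptime(value, "%Y%m%d%H%M%SZ").replace(tzinfo=timezone.utc)

def bind_outcome(entry, grace_limit, now):
    """Model a bind with the CORRECT password when expiration is enforced.

    entry: dict with passwordExpirationTime and, optionally,
           passwordGraceUserTime (grace logins already used; assumed 0 if absent).
    grace_limit: value of passwordGraceLimit (0 means no grace logins).
    Returns (ldap_result_code, detail, entry_after_bind).
    """
    expires = parse_generalized_time(entry["passwordExpirationTime"])
    used = int(entry.get("passwordGraceUserTime", 0))
    if now < expires:
        return 0, "success", dict(entry)
    if used < grace_limit:
        # Expired, but a grace login is consumed and the bind succeeds,
        # so the client has a session in which the password can be changed.
        after = dict(entry, passwordGraceUserTime=used + 1)
        remaining = grace_limit - used - 1
        return 0, f"success, password expired, {remaining} grace logins left", after
    # Case seen in the thread's log: the bind itself is rejected with error 49.
    return 49, "password expired!", dict(entry)

def simulate(grace_limit, attempts, entry, now):
    """Run several consecutive binds and return the result codes."""
    codes = []
    for _ in range(attempts):
        code, _detail, entry = bind_outcome(entry, grace_limit, now)
        codes.append(code)
    return codes

# Constructed sample data: the password expired a week before the bind attempts.
SAMPLE_ENTRY = {"passwordExpirationTime": "20170801000000Z"}
NOW = datetime(2017, 8, 8, 13, 3, 27, tzinfo=timezone.utc)
BEFORE_EXPIRY = datetime(2017, 7, 1, tzinfo=timezone.utc)

if __name__ == "__main__":
    print("passwordGraceLimit=0:", simulate(0, 3, SAMPLE_ENTRY, NOW))
    print("passwordGraceLimit=2:", simulate(2, 3, SAMPLE_ENTRY, NOW))
```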