[389-users] Re: Setting "lock" time of an account in the future

Fri, 29 Sep 2023 12:50:24 -0700 

Actually, I was wrong there is more you need to do.

You need to enable account lockout and set a max failure count:

# dsconf slapd-INSTANCE config set passwordLockout=on passwordMaxFailure=3

Then set in each user entry:

    passwordRetryCount: 3  --> number equal to passwordMaxFailure
    retryCountResetTime: 20230929193912Z   --> you must calculate this value (and use it for these two attributes) 

    accountUnlockTime: 20230929193912Z


That works for me.

HTH,

Mark


On 9/29/23 11:40 AM, Cenk Y. wrote:

Hello,

We are running 389-ds-base.2.2.7 .
While creating accounts, sometimes we know until when they need to be active. Is there a way to manually set a "expiration date" for the account, so after that date nsAccount is set to true?
Having gone through rhds and 389-ds pages, it seems it's only possible to create a policy to deactivate accounts after an inactivity limit.
I can always create a mechanism myself (such as adding a new attribute and checking it by a cron job ...) , but I want to see if there is a native way to do this? 

Thanks
Cenk

_______________________________________________
389-users mailing list -- 389-users@lists.fedoraproject.org
To unsubscribe send an email to 389-users-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue


--
Directory Server Development Team
_______________________________________________
389-users mailing list -- 389-users@lists.fedoraproject.org
To unsubscribe send an email to 389-users-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

Reply via email to