Hi Mark, thanks for the response. We already use password lockout plugin, but what I need is the opposite.
I want to * Create an account, activate it * Set an expiration date, so that after that date account is locked. Cheers Cenk On Fri, Sep 29, 2023 at 9:50 PM Mark Reynolds <marey...@redhat.com> wrote: > Actually, I was wrong there is more you need to do. > > You need to enable account lockout and set a max failure count: > > # dsconf slapd-INSTANCE config set passwordLockout=on passwordMaxFailure=3 > > Then set in each user entry: > > passwordRetryCount: 3 --> number equal to passwordMaxFailure > > retryCountResetTime: 20230929193912Z --> you must calculate this > value (and use it for these two attributes) > > accountUnlockTime: 20230929193912Z > > > That works for me. > > HTH, > > Mark > > > On 9/29/23 11:40 AM, Cenk Y. wrote: > > Hello, > > > > We are running 389-ds-base.2.2.7 . > > > > While creating accounts, sometimes we know until when they need to be > > active. Is there a way to manually set a "expiration date" for the > > account, so after that date nsAccount is set to true? > > > > Having gone through rhds and 389-ds pages, it seems it's only possible > > to create a policy to deactivate accounts after an inactivity limit. > > > > I can always create a mechanism myself (such as adding a new attribute > > and checking it by a cron job ...) , but I want to see if there is a > > native way to do this? > > > > Thanks > > Cenk > > > > _______________________________________________ > > 389-users mailing list -- 389-users@lists.fedoraproject.org > > To unsubscribe send an email to 389-users-le...@lists.fedoraproject.org > > Fedora Code of Conduct: > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > > List Archives: > https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproject.org > > Do not reply to spam, report it: > https://pagure.io/fedora-infrastructure/new_issue > > -- > Directory Server Development Team > >
_______________________________________________ 389-users mailing list -- 389-users@lists.fedoraproject.org To unsubscribe send an email to 389-users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
