To make it clearer, would these settings make any sense? As they seem to be the ones required
Is this the number of days the system will warn the user over? pm.ldap.server.ad.password.warn.days=7 Is this the maximum number of days before the account password needs to be reset? pm.ldap.server.ad.attr.max-pwd-age=30 Would 0 make sense here? Or does it have to be set to 0x00000000 ? pm.ldap.server.ad.attr.uac=0 Should I assume this has to be today's date? pm.ldap.server.ad.attr.pwd-last-set=0 Is this the number of days to cache a password? Is 0 an appropriate value? pm.ldap.server.ad.cache.value.max-pwd-age=0 From: George Beitis [mailto:[email protected]] Sent: Thursday, February 21, 2013 11:13 AM To: [email protected] Subject: RE: [cas-user] cas-password-manager question Hi Misagh, Quick question: is this attribute meant to reflect the current state of all accounts? what the system can do with the account? Or what this attribute will be set to once changes have been applied to this account? i.e. if I want the password to never expire to set the value to 0x00010000? Or if I want nothing to happen to set it to 0x00000000? George From: Misagh Moayyed [mailto:[email protected]] Sent: Wednesday, February 20, 2013 7:38 PM To: [email protected]<mailto:[email protected]> Subject: RE: [cas-user] cas-password-manager question Should I be placing values for these by defining the pm.ldap.server.{} attributes inside the cas.properties file? Yes. Also, any clue as to what value is expected for uacAttribute? This should be the user account control attribute name in AD. See this please: http://msdn.microsoft.com/en-us/library/windows/desktop/ms680832(v=vs.85).aspx -Misagh From: George Beitis [mailto:[email protected]] Sent: Wednesday, February 20, 2013 1:12 AM To: [email protected]<mailto:[email protected]> Subject: [cas-user] cas-password-manager question Dear all, Having some trouble configuring the Unicon cas-password-manager extention with an Active Directory server. Specifically spring-configuration/passwordManagerContext contains the following attributes which are not configured anywhere. Should I be placing values for these by defining the pm.ldap.server.{} attributes inside the cas.properties file? Also, any clue as to what value is expected for uacAttribute? <property name="passwordWarnAgeDays" value="${pm.ldap.server.ad.password.warn.days}"/> <property name="maxPwdAgeAttribute" value="${pm.ldap.server.ad.attr.max-pwd-age}"/> <property name="uacAttribute" value="${pm.ldap.server.ad.attr.uac}"/> <property name="pwdLastSetAttribute" value="${pm.ldap.server.ad.attr.pwd-last-set}"/> <property name="timeBetweenMaxPwdAgeRefreshSeconds" value="${pm.ldap.server.ad.cache.value.max-pwd-age}"/> George -- You are currently subscribed to [email protected]<mailto:[email protected]> as: [email protected]<mailto:[email protected]> To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected]<mailto:[email protected]> as: [email protected]<mailto:[email protected]> To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected]<mailto:[email protected]> as: [email protected]<mailto:[email protected]> To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
