Hi, it's CAS 4.0 where I tested it. It uses a different LDAP library (ldaptive) which works better. If you use the configuration I exposed, the binding response to LDAP will include the information you need: accound expired, password expired, time remaining to password expiration and grace logins left. I suggest that you move to 4.0 before trying to get ppolicy to work.
What is missing is the correct proccessing of this response in CAS (in some cases), but Daniel brought us great news yesterday: developers will provide all neccesary configuration and patches for it to work in the following days (thank you so much!). I'm still dealing with my own implementation however, but the official one will be better for sure. -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
