Le 07/03/2017 à 21:29, Pittman, Michael a écrit : > Hi, > > I'm looking for a way to disable a user account if the user has not logged in > for a configurable amount of days. Does ApacheDS currently support this?
You would like to set a default passwordPolcy, and set the ads-pwdMaxIdle attribute. From https://tools.ietf.org/html/draft-behera-ldap-password-policy-10#page-27 : 5.2.20. pwdMaxIdle This attribute specifies the number of seconds an account may remain unused before it becomes locked. If this attribute is not set or is 0, no check is performed. ( 1.3.6.1.4.1.42.2.27.8.1.26 NAME 'pwdMaxIdle' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) Have a look at http://directory.apache.org/apacheds/advanced-ug/4.3-password-policy.html -- Emmanuel Lecharny Symas.com directory.apache.org
