"Andrew Grimmett" <[EMAIL PROTECTED]> wrote: > I looked at the rlm_unix module and it appears that it is only rejecting > the authentication request if the shadow file has an Expiration date > such as YYYY-MM-DD.
Not from what I can see. > Should or will be the maximum days the password is > valid for compared against the last change date in the shadow file > before the users account is locked, be part of the rlm_unix module > reject once the password is older than the maximum age allowed? I'm not sure what that means. See 'man shadow'. The 'sp_expire' field is the data when the password expires. > Shadow File with aging from Red Hat 7.3: > > Username:password:12069:0:180:7:1:: > > The 12069 is date of last change. > > The 180 is maximum days the password is valid for. No, it's the date when the user is required to change their password. See the 'man' pages. You don't have a password expiry field set in that entry. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
