Am Sun, 23 Dec 2012 17:33:38 -0600 schrieb Kyle Harris <[email protected]>:
> Hello All, > > I have a perl script that allows for the creation of new accounts in > OpenLDAP. I am attempting to find a way to force the newly created > user to change his or her password upon first login. I tried setting > the attribute pwdMustChange to TRUE but that attribute must not be > definable upon user creation. So, how can this be accomplished so > that a new user is forced to change passwords after they first log on? In your perlscript you may include Net::LDAP::Extension::SetPassword in order to create a random password, and second you should define and create a password policy entry that contains all relevant attribute types. See man slapo-ppolicy(5). -Dieter -- Dieter Klünter | Systemberatung http://dkluenter.de GPG Key ID:DA147B05 53°37'09,95"N 10°08'02,42"E
