I looked around yesterday and I can't find the script Part of the problem is that I don't remember where I saved it .. the other problem is that I don't remember what filename I used
I checked all my usual stashes on the server and have't found it yet I'd like to find it .. I really meant to use it but put off deploying it (and now I can't find it) Pascal Vilarem ([EMAIL PROTECTED]) wrote: > > > foa thx for the answer Brian :-) > > > Brian Johnson wrote: > > >I use ldap for shell, email, phpgw, and samba accounts so that each user has > >one password that works for all those systems and I mod'd phpgw to allow them > >to change them all at once through the phpgw change password screen. > > > > > nice arch :-) > > >I would like to modify phpgw to do password checks on the change so that a > >simple password is not accepted .. however I haven't done that yet and the > >only way I know of to do it creates another dependancy for libraries on the > >server which may not sit well with everyone > > > >I decided to implement a password change system that "encouraged" users to > >change their password instead of "requiring" them to change it and wrote one > >but haven't actually put it in place yet. > > > >The problem with "requiring" them to change it was that access could be > >through any of the above systems and they all have different abilities. I > >didn't want to write a passwd change utility (or require the existence of one > >on the server). > > > >Since I wasn't "requiring" a password change, I decided a daily cron job > >would > >catch accounts even if not used for one or more days. I did it in php since > >it seemed easy. > > > >What I did was check the last passwd change date and if it hasn't been > >changed > >in a month, it emails the user with a nice email explaining the problems with > >lax security and encouraging them to change their password. It also contains > >info about selecting a "good" password. > > > > > the explanation is a cool idea... i think i'll try to make room for it. > > >They can simply delete it, but they'll get an email every day until they > >change it. > > > > > that's a fair way... but i think i wont be allowed to use it :-( > > >Prohiting access until it was changed would have involved interacting with > >multiple system services that I didn't feel like doing. > > > >The problem now is .. that I can't find the darn thing. > > > >Maybe you can check the wiki while I search my server HD > > > > > yep thx. > > > > > > > > >Pascal Vilarem ([EMAIL PROTECTED]) wrote: > > > > > >>Hi all, > >> > >>I've been asked to force phpgw users to change their passwords once a > >>month... i didn't find something in phpgw to do that straight out of the > >>box... so i guess i'll have to code a little bit. > >> > >>did someone there have to face such a demand ? are there special things > >>i have to care about ? does this little feature interest more people > >>than just me ? (if yes i'll submit a patch) > >> > >>all advices and comments are welcome. > >> > >>Pascal. > >> > >> > > > _______________________________________________ > Phpgroupware-developers mailing list > [email protected] > http://lists.gnu.org/mailman/listinfo/phpgroupware-developers > > _______________________________________________ Phpgroupware-developers mailing list [email protected] http://lists.gnu.org/mailman/listinfo/phpgroupware-developers
