Hi,
We have 389DS as our main directory server, and we use it with many applications. recently we moved our mail application to Zimbra. Zimbra can use an external LDAP server for authentication, and we did configure that and it works.
In 389DS, in password policy configuration, there is the check-box to force a user to change his password on the first login, we did try it but, without success.
Could this parameter be used to force users to change their passwords?
Regards.
https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail Garanti sans virus. www.avast.com https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail <#DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2>
On 12/14/18 12:38 PM, wodel youchi wrote:
Hi,
We have 389DS as our main directory server, and we use it with many applications. recently we moved our mail application to Zimbra. Zimbra can use an external LDAP server for authentication, and we did configure that and it works.
In 389DS, in password policy configuration, there is the check-box to force a user to change his password on the first login, we did try it but, without success.
Right, because after setting this you must reset all the passwords using directory manager(or some admin account). Then the user is forced to change their password at next login. Basically a flag gets set in the entry after it is reset by an admin, but until its reset there is no flag to check - so users are not forced to reset their passwords.
HTH, Mark
Could this parameter be used to force users to change their passwords?
Regards.
https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail Garanti sans virus. www.avast.com https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail
389-users mailing list -- 389-users@lists.fedoraproject.org To unsubscribe send an email to 389-users-leave@lists.fedoraproject.org Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproject....
Hi,
I don't think that you can use this parameter to request your user to change their password from Zimbra application . I don't know how Zimbra manage user access but AFAIK Zimbra is php application or something like this that query ldap through binding and spécifique language ldap api. To do what you requested, Zimbra ldap call must be able to check user account expiration and request for change.
i used to set this option with Unix users with Pam that queries LDAP.
Hope that could be help
Le ven. 14 déc. 2018 à 18:38, wodel youchi wodel.youchi@gmail.com a écrit :
Hi,
We have 389DS as our main directory server, and we use it with many applications. recently we moved our mail application to Zimbra. Zimbra can use an external LDAP server for authentication, and we did configure that and it works.
In 389DS, in password policy configuration, there is the check-box to force a user to change his password on the first login, we did try it but, without success.
Could this parameter be used to force users to change their passwords?
Regards.
https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail Garanti sans virus. www.avast.com https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail <#m_-1286929758944121391_DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2> _______________________________________________ 389-users mailing list -- 389-users@lists.fedoraproject.org To unsubscribe send an email to 389-users-leave@lists.fedoraproject.org Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproject....
389-users@lists.fedoraproject.org