Hi
i want to ask , if there a way allows the admin to provide an account with password expired after certain of time. and after a certain time the password will not valid . i see there is field named " Password expiration" , how can i control it for specified user ?
Hi,
On Wed, Apr 17, 2019 at 4:33 PM mustafa taha via FreeIPA-users freeipa-users@lists.fedorahosted.org wrote:
Hi
i want to ask , if there a way allows the admin to provide an account with password expired after certain of time. and after a certain time the password will not valid . i see there is field named " Password expiration" , how can i control it for specified user ?
"ipa help commands" would list all the commands you can use.
I think what you want to achieve can be done with: "ipa user-mod LOGIN --password-expiration=DATETIME"
François
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-leave@lists.fedorahosted.org Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahoste...
François Cami via FreeIPA-users wrote:
Hi,
On Wed, Apr 17, 2019 at 4:33 PM mustafa taha via FreeIPA-users freeipa-users@lists.fedorahosted.org wrote:
Hi
i want to ask , if there a way allows the admin to provide an account with password expired after certain of time. and after a certain time the password will not valid . i see there is field named " Password expiration" , how can i control it for specified user ?
"ipa help commands" would list all the commands you can use.
I think what you want to achieve can be done with: "ipa user-mod LOGIN --password-expiration=DATETIME"
Or if you want the account to be not usable at all after a certain date use --principal-expiration=DATETIME.
rob
Hi Mustafa,
On Wed, 17 Apr 2019, mustafa taha via FreeIPA-users wrote:
i want to ask , if there a way allows the admin to provide an account with password expired after certain of time. and after a certain time the password will not valid . i see there is field named " Password expiration" , how can i control it for specified user ?
you could create a new group and set the desired "Max lifetime" in "Policy" -> "Password Policies" for this group. If you add users to this group, their (next) password will expire after whatever you set as "Max lifetime", instead of the default 180 days.
Mit freundlichen Gruessen/With best regards,
--Daniel.
freeipa-users@lists.fedorahosted.org