[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: password expiration

Subject: Re: password expiration
From: Josh Wisenbaker <email@hidden>
Date: Mon, 28 Nov 2005 23:00:47 -0500
Delivered-to: email@hidden
Delivered-to: email@hidden


On Nov 28, 2005, at 5:38 PM, Michael Dinsmore wrote:

Although we are not setting user accounts to auth to AD, we are
enforcing password requirements via pwpolicy.  One of those
restrictions is to change the password every 180 days.

I don't think there is an agreed upon solution to fix this issue;  I
looked at the list, and couldn't find it.

This has been driving me nuts as part of an OD auditing project I've been playing with. I've resorted to learning how to talk to the PWS directly with no luck.

The only visible indication I can find is the date/time stamp on the user's PWS slot. Unfortunately this serves two purposes to show when the password was changed, and when the last login was. So you can't use it to determine password age.

Obviously this last change stamp is kept somewhere so that the PWS can look at the max minutes policy and determine when to expire the password. Where, I have no idea.

Josh

--
Josh Wisenbaker, ACSA
http://www.afp548.com
Breaking my server to save yours.

_______________________________________________
Do not post admin requests to the list. They will be ignored.
Macos-x-server mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/macos-x-server/email@hidden

This email sent to email@hidden

Follow-Ups:
- Re: password expiration
  - From: "Josh Wisenbaker" <email@hidden>

References:
	>password expiration (From: Michael Dinsmore <email@hidden>)

Prev by Date: Admin user corrupt
Next by Date: Re: Proxy Server
Previous by thread: password expiration
Next by thread: Re: password expiration
Index(es):
- Date
- Thread

Home