ltb-project / ltb-common

PHP framework for LTB project applications
https://packagist.org/packages/ltb-project/ldap
GNU General Public License v3.0

Implement disabling for OpenLDAP #44

Closed davidcoutadeur closed 1 month ago

davidcoutadeur commented 1 month ago

I have proposed an evolution of the ppolicy draft here: https://bugs.openldap.org/show_bug.cgi?id=10261

The goal is to implement this evolution.

davidcoutadeur commented 1 month ago

TODO:

davidcoutadeur commented 1 month ago

For the record, this feature is experimental in OpenLDAP.

Until the evolution is accepted, the feature could be implemented by:

      ( 1.3.6.1.4.1.42.2.27.8.1.34
      NAME 'pwdAccountDisabled'
      DESC 'The time an user account was disabled'
      EQUALITY generalizedTimeMatch
      ORDERING generalizedTimeOrderingMatch
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.24
      SINGLE-VALUE )

and adding this attribute to the desired object classes

      olcAccess: to attrs=userPassword  by set="this/pwdAccountDisabled" none  by * break
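
An added example, not ltb-common's own code and not part of the comment above: how a PHP application could write and read the `pwdAccountDisabled` attribute defined there. The function names, sample DNs and sample value are assumptions. Because the ACL above tests only for the attribute's presence, the reader treats any value as "disabled", even one it cannot parse.

```php
<?php
declare(strict_types=1);
// Added example (PHP 8.1+), not ltb-common code; function names are hypothetical.

/** LDAP generalizedTime in UTC, e.g. 20240131120000Z. */
function generalizedTime(int $timestamp): string
{
    return gmdate('YmdHis', $timestamp) . 'Z';
}

/** Disable or re-enable $dn by writing or deleting pwdAccountDisabled. */
function setAccountDisabled(LDAP\Connection $ldap, string $dn, bool $disabled): bool
{
    // SINGLE-VALUE: a replace overwrites any earlier value;
    // a replace with an empty value list deletes the attribute.
    $values = $disabled ? [generalizedTime(time())] : [];
    return ldap_mod_replace($ldap, $dn, ['pwdAccountDisabled' => $values]);
}

/**
 * State of one entry as returned by ldap_get_entries().
 * The ACL tests presence only, so any value, even an unparseable one,
 * means "disabled"; 'since' is null when the time cannot be read.
 */
function accountState(array $entry): array
{
    // ldap_get_entries() lowercases attribute names.
    $values = $entry['pwdaccountdisabled'] ?? ['count' => 0];
    if ($values['count'] === 0) {
        return ['disabled' => false, 'since' => null];
    }
    $since = DateTimeImmutable::createFromFormat(
        'YmdHis\Z|', $values[0], new DateTimeZone('UTC')
    );
    return ['disabled' => true, 'since' => $since ?: null];
}

// Constructed sample entries in ldap_get_entries() layout.
$entries = [
    ['dn' => 'uid=alice,ou=people,dc=example,dc=com',
     'pwdaccountdisabled' => ['count' => 1, 0 => '20240131120000Z']],
    ['dn' => 'uid=bob,ou=people,dc=example,dc=com'],
];
foreach ($entries as $entry) {
    $state = accountState($entry);
    printf("%s disabled=%s since=%s\n", $entry['dn'],
        $state['disabled'] ? 'yes' : 'no',
        $state['since']?->format(DATE_ATOM) ?? '-');
}
```

`setAccountDisabled()` needs a bound connection whose identity is allowed to write the attribute; the rest runs without a directory.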