directory-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Stefan Zoerner <ste...@labeo.de>
Subject Re: Missing information on how to lock a user account
Date Fri, 20 Feb 2009 14:21:05 GMT
Emmanuel Lecharny wrote:
>> Just in addition to Emmanuel (who is right), Mike perhaps compares it to
>> vendor specific features, some LDAP servers provide (Active Directory, IBM
>> Tivoli, etc.).
> 
> I would like to know about those features, because I think it might be
> valuable - and really easy - to add them into ADS, if needed. It's
> just a matter of adding an operational attribute into a specific
> ObjectClass and set it when we want to disable a user, for instance
> (just an idea whihc migh be dig a bit more)

We can think about implementing parts of this

http://tools.ietf.org/draft/draft-behera-ldap-password-policy/

It is interesting in general, and contains a chapter about locking 
accounts as well.

Unfortunately, the draft has never become an RFC, and is expired now, as 
far as I know.

Something for the "After 2.0" time, perhaps.

Greetings from Hamburg,
     Stefan


Mime
View raw message