directory-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Sathya S <>
Subject Password expiry enforcement
Date Sat, 17 May 2014 13:48:39 GMT
I am continuing on my experiments with getting password policies
functioning on ApacheDS and I am trying to enable password expiry and a
warning before the expiry.

This is what I have configured on the server:

ads-pwdminlength: 7
ads-pwdinhistory: 5
ads-pwdid: default
ads-pwdcheckquality: 1
ads-pwdlockout: TRUE
ads-pwdlockoutduration: 0

*ads-pwdMaxAge: 300ads-pwdExpireWarning: 180*

My understanding of this is that a user's password is valid for 5 minutes
after which authentication would fail. After 3 minutes up to 5 minutes, he
would be able to login, but would receive a warning about impending expiry.
Is that correct?

I restarted the server after making the above change.

I have the below Java code to authenticate the user:

            Hashtable<String, String> env = new Hashtable<String, String>();
            env.put(Context.PROVIDER_URL, "ldap://localhost:10389");
            env.put(Context.SECURITY_AUTHENTICATION, "simple");
            env.put(Context.SECURITY_CREDENTIALS, "helloworld");

            // Create the initial context

            DirContext ctx = new InitialDirContext(env);

I created this user account almost an hour ago but the authentication still
goes through successfully. Anything I am missing here?


  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message