[Bug 869] Password expiration does not work for LDAP users
bugzilla-daemon at mindrot.org
bugzilla-daemon at mindrot.org
Tue May 18 08:40:10 EST 2004
http://bugzilla.mindrot.org/show_bug.cgi?id=869
Summary: Password expiration does not work for LDAP users
Product: Portable OpenSSH
Version: -current
Platform: PPC
OS/Version: AIX
Status: NEW
Severity: critical
Priority: P2
Component: Miscellaneous
AssignedTo: openssh-bugs at mindrot.org
ReportedBy: gokoyev at us.ibm.com
There appears to be a problem with SSH on AIX 5.1 on systems running secldap
client (secldapclntd): ssh ignores the maxage attribute specified for the
SYSTEM=LDAP users in the ldap directory. Instead ssh is looking for the maxage
attribute in the /etc/security/user and the 'lastupdate' in the
/etc/security/passwd. If the default stanza in the /etc/security/user does not
contain maxage the LDAP user never gets a prompt to change the expired password.
If the default stanza does contain the maxage then the user always (even after
changing the password successfully) gets prompted to change the password (LDAP
users do not have stanzas in the /etc/security/passwd with the lastupdate
attribute).
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
More information about the openssh-bugs
mailing list