On Mon, 2011-06-27 at 13:04 +0530, sarguru wrote:
> Hello,
> I have enabled ldap password policy in my open ldap server and it locks
> out the account after several unsuccessful bind attempts. I am able to
> get the password policy response which says "Account locked" by
> specifying '-e ppolicy' option in my ldapsearch command.
>
> I am looking for a way to get similar response when I use dovecot so
> that I can specify my clients that their account is locked. I understand
> the security risks involved but mine is low security and high usability
> requirement.

Maybe pam_ldap can report it as "password expired"? Dovecot forwards that info if PAM reports it. Other than that, you'd need to modify Dovecot's LDAP code.