Hello On Mon, Feb 18, 2013 at 4:52 PM, Vesa Alho <lis...@alho.fi> wrote: > Hi, > > I'm setting up new 389 ds servers and importing data from old 389 server. > One thing is unclear to me. I would like to enforce password expiration > which was not used in old server. Could you explain the following example > value to me: > > passwordExpirationTime: 2011 09 16 07 10 26 Z > => does that mean YYYY-MM-DD-HH-MM-SS (I read max. value is Jan 18 2038)? > => value does not seem to update automatically, no I need to update it > "manually"? >
yes, password expiration is saved in zulu format, which is YYYYMMDDHHMMSSZ. If passwordexpirationtime is greater than current date, user can successfully login, If it is less, User is asked to change his password. > And how does directory wide setting "Password expires in __ days" relate to > this? > When ever a user logs in, current date/time is matched with passwordexpirationtime, If that is higher thn <password warning days> it is ignored, else user is prompted with a warning message "Password will be expired in X days" > -Vesa > -- > 389 users mailing list > 389-us...@lists.fedoraproject.org > https://admin.fedoraproject.org/mailman/listinfo/389-users Regards Arpit Tolani -- 389 users mailing list 389-us...@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users
