LDAP Users must change their password regularly according to the password policy.
LDAP Users must change their password regularly according to the password
When the old password isn't valid anymore but hasn't been changed yet, there's a grace period of six logins before the account is suspended. The plugin shows a reminder before password expiration and another reminder if only less than six logins remain before account suspension because of password expiration.
policy.
When the old password isn't valid anymore but hasn't been changed yet, there's
##Configuration
a grace period of six logins before the account is suspended. The plugin shows
The Plugin provides six entries in Stud.IP global configuration, all in the section 'ldappasswordexpiryplugin':
a reminder before password expiration and another reminder if only less than
-*LDAPPASSWORDEXPIRYPLUGIN_AUTHPLUGINS*
six logins remain before account suspension because of password expiration.
Comma-separated list of Stud.IP auth plugins that shall be monitored by this plugin.
-*LDAPPASSWORDEXPIRYPLUGIN_GRACELOGINATTRIBUTE*
Name of the LDAP attribute that is used for storing how many grace logins remain until the account is suspended after password expiration. Leave empty if not applicable.
Default is "loginGraceRemaining".
-*LDAPPASSWORDEXPIRYPLUGIN_LOGINLIMITATTRIBUTE*
Name of the LDAP attribute that stores the number of grace logins a user has after password expiration. Leave empty if not applicable.
Default is "loginGraceLimit".
-*LDAPPASSWORDEXPIRYPLUGIN_PASSWORDCHANGEURL*
URL of a website where users can change their current password. Leave empty if not applicable.