http://bugzilla.mindrot.org/show_bug.cgi?id=869
Summary: Password expiration does not work for LDAP users
Product: Portable OpenSSH
Version: -current
Platform: PPC
OS/Version: AIX
Status: NEW
Severity: critical
Priority: P2
Component: Miscellaneous
AssignedTo: openssh-bugs@mindrot.org
ReportedBy: gokoyev@us.ibm.com
There appears to be a problem with SSH on AIX 5.1 on systems running secldap
client (secldapclntd): ssh ignores the maxage attribute specified for the
SYSTEM=LDAP users in the ldap directory. Instead ssh is looking for the maxage
attribute in the /etc/security/user and the 'lastupdate' in the
/etc/security/passwd. If the default stanza in the /etc/security/user does not
contain maxage the LDAP user never gets a prompt to change the expired password.
If the default stanza does contain the maxage then the user always (even after
changing the password successfully) gets prompted to change the password (LDAP
users do not have stanzas in the /etc/security/passwd with the lastupdate
attribute).
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
Summary: Password expiration does not work for LDAP users
Product: Portable OpenSSH
Version: -current
Platform: PPC
OS/Version: AIX
Status: NEW
Severity: critical
Priority: P2
Component: Miscellaneous
AssignedTo: openssh-bugs@mindrot.org
ReportedBy: gokoyev@us.ibm.com
There appears to be a problem with SSH on AIX 5.1 on systems running secldap
client (secldapclntd): ssh ignores the maxage attribute specified for the
SYSTEM=LDAP users in the ldap directory. Instead ssh is looking for the maxage
attribute in the /etc/security/user and the 'lastupdate' in the
/etc/security/passwd. If the default stanza in the /etc/security/user does not
contain maxage the LDAP user never gets a prompt to change the expired password.
If the default stanza does contain the maxage then the user always (even after
changing the password successfully) gets prompted to change the password (LDAP
users do not have stanzas in the /etc/security/passwd with the lastupdate
attribute).
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.