[Dovecot] Help regarding getting password policy response
Hello, I have enabled ldap password policy in my open ldap server and it locks out the account after several unsuccessful bind attempts. I am able to get the password policy response which says "Account locked" by specifying '-e ppolicy' option in my ldapsearch command.
I am looking for a way to get similar response when I use dovecot so that I can specify my clients that their account is locked. I understand the security risks involved but mine is low security and high usability requirement.
Please share the solution with me.
-- Thanks, Sarguru
On Mon, 2011-06-27 at 13:04 +0530, sarguru wrote:
Hello, I have enabled ldap password policy in my open ldap server and it locks out the account after several unsuccessful bind attempts. I am able to get the password policy response which says "Account locked" by specifying '-e ppolicy' option in my ldapsearch command.
I am looking for a way to get similar response when I use dovecot so that I can specify my clients that their account is locked. I understand the security risks involved but mine is low security and high usability requirement.
Maybe pam_ldap can report it as "password expired"? Dovecot forwards that info if PAM reports it. Other than that, you'd need to modify Dovecot's LDAP code.
participants (2)
-
sarguru
-
Timo Sirainen