LDAP authentication and shadowExpire

Steffen Kaiser skdovecot at smail.inf.fh-brs.de
Thu Nov 2 09:50:13 EET 2017


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Mon, 30 Oct 2017, Mantas Gegužis wrote:

> I am trying to configure Dovecot (2.2.27) with LDAP passdb, specifically with 
> authentication binds (https://wiki.dovecot.org/AuthDatabase/LDAP/AuthBinds).
>
> Atribute shadowExpire has a unix time stamp value. Is there a way to write 
> pass_filter like shadowExpire<ToDay?
>
> Or maybe there is better way to implement password expiration in Dovecot?

No, I think not.
I use another LDAP attribute to deny access to a certain service, using 
the %s variable.

You could think about adding a new variable to Dovecot.

- -- 
Steffen Kaiser
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQEVAwUBWfrONXz1H7kL/d9rAQIL8QgAoNmPOJTE0tQZEHhIQGOZ0cq1tsXPoRTn
eOXv+t3uzPJG2xOGq4PmV8fEtJOJANal6k6oW9wAUSqJFYqQhZsO3qXt8ORYjkM8
wM7TBFNGcjPBLkQ9azIJFdIp9FZ6gX76mK67TrJ2kDcALt+KQ5sB0LNs5aAxBDIv
EidTm1NHzNuUYHdF2G2dLRl0y0yy/6kKuJNs1hXDhV/qPdl6fWPkeXtMek7ig6q6
RqF9al5F3FzRTem2mL0NcUKMUfb8bjOcyHhhOBfL/f2RJWqDII+3Ucv8bDRdth0Z
gy9GmY9ad0d+G54oKSrrykiEQfsK7lJ9RFZfSoMAg3jLs+zLenHxsQ==
=glYL
-----END PGP SIGNATURE-----


More information about the dovecot mailing list