IONEL_POPA
asked on
LDAP pwd Exchange Time
I have a LDAP question.
Right now I am deriving the pwd Expiration Date from pwdChangedTime + pwdMaxAge.
I am looking into using another approach... maybe using pwdExpirationWarned?
Looking at these two...
pwdExpireWarning: pwdExpireWarning attribute specifies the maximum number of seconds before a password is about to expire that expiration warning messages will be returned to an authenticating user.
pwdExpirationWarned: Contains the time at which the password expiration warning was first sent to the client
can I assume that pwd Expiration Date is pwdExpirationWarned + pwdExpireWarning ?
Thanks!
Right now I am deriving the pwd Expiration Date from pwdChangedTime + pwdMaxAge.
I am looking into using another approach... maybe using pwdExpirationWarned?
Looking at these two...
pwdExpireWarning: pwdExpireWarning attribute specifies the maximum number of seconds before a password is about to expire that expiration warning messages will be returned to an authenticating user.
pwdExpirationWarned: Contains the time at which the password expiration warning was first sent to the client
can I assume that pwd Expiration Date is pwdExpirationWarned + pwdExpireWarning ?
Thanks!
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks for your answer.
So, in conclusion is better to use pwdChangeTime +maxAge for defining the expiration date ..I am assuming that LDAP is calculating this in the same way. correct me if I am wrong.
Thanks.