<quote who="Prakash Velayutham">
> If you use the shadowAccount ObjectClass, I think you can use the
> attribute shadowExpire to control this in OpenLDAP.
Also if you use the Password Policy Overlay, I'm sure this is what SunOne
does with it's own account/policy module.
>
> Prakash
>
>
> On Apr 14, 2008, at 12:28 PM, Andrew Morgan wrote:
>
>> On Sat, 12 Apr 2008, Jyotishmaan Ray wrote:
>>
>>> Please see below for your reply,
>>>
>>> Yes, that is what i exactly meant. Suspend, means not allowing the
>>> user to have successful authentication, without hampering his
>>> password, for some time !!
>>
>> I'm not familiar with OpenLDAP, but the Sun Directory Server offers
>> a way to "disable" accounts. A disabled account will always fail to
>> authenticate to the LDAP server, but the stored password is not
>> modified. The account can be un-disabled anytime without setting a
>> new password.
>>
>> Does OpenLDAP offer a similar feature?
>>
>> Andy
>
> Prakash Velayutham
> Programmer / Analyst
> Cincinnati Children's Hospital Medical Center
>
>
