On Tue, Jul 12, 2005 at 12:02:38PM -0300, Paulo Ricardo Bruck wrote: > Does anyone know how to force users to change their passwords from , let > me say, 30 to 30 days, without using pam_auth ? > And before that limit day he receives an alert telling him that his > password is going to be expired?? ( preferencially via web browser or > inside the authenticated method used).
That will not be possible "inside" the authentication method. But you can write a script that works as an "external_acl". It would do whatevery queries are necessary to determine how long it has been since the last password change. In combination with a "deny_info" you can send the user an error message telling them to change their password. Christoph -- ~ ~ ~ ".signature" [Modified] 3 lines --100%-- 3,41 All
