September 29th, 2010, 10:37 AM
ShadowLastChange not being updated by non Linux clients?
Does anyone know if the shadowLastChange attribute is needed by Linux for the issuing of password warnings? I know that its value is read but the scenario I have is a mixed platform environment consisting of Solaris, HPUX AIX and Linux clients. It seems that only the Linux pam updates this attribute and all the other Operating systems are able to issue warnings without reading it?
October 5th, 2010, 12:25 PM
solution - remove shadow attributes
Well we managed to get a step further. By removing all shadow related attributes on the Directory Server, the Linux server configured with pam ldap started working (issuing time to expiry when logging in) - without the need for the shadowLastChange . Just posting this reply to my own message in case it helps someone else struggling with the same sort of issue.
Originally Posted by rodallen69