1

Topic: Regarding password expiry

I am using latest iredAdmin Pro ldap on CentOs

Is it possible to include a check box like "password will never Expire" on password change fields.It is very a good feature but some of our users especially those who are sitting at top are annoyed with this.So is it possible to selectively apply this policy on user ids by putting a check box near password change field.

Is it possible to download the list of users by domain wise whose passwords are going to expire with in seven days from iRedAdminpro pannel? Then we can send mails to those users using postmaster with a specific content.


I

2

Re: Regarding password expiry

bijuedathodi wrote:

Is it possible to include a check box like "password will never Expire" on password change fields.It is very a good feature but some of our users especially those who are sitting at top are annoyed with this.So is it possible to selectively apply this policy on user ids by putting a check box near password change field.

iRedMail doesn't check password expiry at all, so no need to have a "Password will never Expire" checkbox.

P.S. Do you force all users to change password in 90 days?

bijuedathodi wrote:

Is it possible to download the list of users by domain wise whose passwords are going to expire with in seven days from iRedAdminpro pannel? Then we can send mails to those users using postmaster with a specific content.

Unfortunately, no.

But i have a better idea:

*) If user changes password with Roundcube webmail, Roundcube will log the date password changed. This is available in all 3 backends.
*) So we can add a new iRedAPD (our Postfix policy server) plugin to check password expiry. For example, we ask all users to change their passwords in 90 days, then we can reject outbound email if sender's password expired. Of course we should tell mail user go to webmail to change password.
*) [OPTIONAL] We can add a cron job to check password expiry. If password is about to expire in 7 days, send email notification to this user.

How about this?

----

Does my reply help a little? How about buying me a cup of coffee ($5) as an encouragement?

buy me a cup of coffee

3

Re: Regarding password expiry

Can someone confirm if there is a force password change period builtin? In our case we set random password for all our users, they don't even know what it is. We do not want or need the system to force user to change password (most will never login via webmail).

In short we do not want password to auto expire.

4

Re: Regarding password expiry

woods wrote:

Can someone confirm if there is a force password change period builtin?

No.

----

Does my reply help a little? How about buying me a cup of coffee ($5) as an encouragement?

buy me a cup of coffee

5

Re: Regarding password expiry

have you ever pieced together the cron job for sending warning emails?

6

Re: Regarding password expiry

Hi fsantiago06111979,

You replied to a 3-year old thread.

Update: iRedAPD has plugins to enforce password change in given days (defaults to 90 days). Documents are available here: http://www.iredmail.org/docs/force.user … sword.html

----

Does my reply help a little? How about buying me a cup of coffee ($5) as an encouragement?

buy me a cup of coffee

7

Re: Regarding password expiry

Hello Zhang,
I would enable this feature on one or more domain only, not for all domains.
Is there a away?

Thanks,
regards.

8

Re: Regarding password expiry

mr.cocco wrote:

I would enable this feature on one or more domain only, not for all domains.
Is there a away?

How about set the password last change date to, for example, 2099-12-31 for the domains you don't want to apply the plugin? It's tricky but it should work.

----

Does my reply help a little? How about buying me a cup of coffee ($5) as an encouragement?

buy me a cup of coffee

9

Re: Regarding password expiry

ZhangHuangbin wrote:
mr.cocco wrote:

I would enable this feature on one or more domain only, not for all domains.
Is there a away?

How about set the password last change date to, for example, 2099-12-31 for the domains you don't want to apply the plugin? It's tricky but it should work.

Nice trick!
Should I edit ldap fields in my backend? Have you some suggestions to edit all domain users at the same time?

Thanks for your collaboration.

10

Re: Regarding password expiry

mr.cocco wrote:

Should I edit ldap fields in my backend?

Yes.

mr.cocco wrote:

Have you some suggestions to edit all domain users at the same time?

Write a simple Python/Perl/Shell script to do this big_smile

----

Does my reply help a little? How about buying me a cup of coffee ($5) as an encouragement?

buy me a cup of coffee