Topic: iRedAPD's 'CHANGE_PASSWORD_NEVER_EXPIRE_USERS' list *must* exist!
I'm not sure this qualifies as a bona fide 'bug report', but as I have just spent the better part of two days troubleshooting, it deserves some attention!
Symptom: iRedAPD module 'ldap_force_change_password' seems to have no effect, no matter how invoked.
Solution: I found (strictly by accident) that one MUST NOT delete the line defining this empty python list ('CHANGE_PASSWORD_NEVER_EXPIRE_USERS') at the bottom of iRedAPD's 'settings.py' file. Since our organization doesn't really care to expire passwords on a regular basis, no one needs exclusion. Expiry is only used for new accounts, and occasional forced changes. So I deleted that line some time ago in the interest of brevity.
It was only after hours of troubleshooting that I copied the whole iRedAPD directory from another test server, compared several files, and noticed this difference. Thinking I might actually want it after all (someday?), I copied it back into the settings.py...and upon restarting, suddenly 'ldap_force_change_password' module worked! (:facepalm:)
@devs: Seems to me it really should be possible to have a default value in your code, which is overridden by this value in 'settings.py'. That would have saved me a LOT of time...and some hair! ;-)
----
Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.