[Pkg-shadow-devel] Bug#668998: passwd: Can't expire users stored in LDAP

Per Carlson pelle at hemmop.com
Mon Apr 16 11:50:02 UTC 2012

Package: passwd
Version: 1:4.1.5-1
Severity: normal

While passwd can change the password for a user stored in a LDAP
repository,  it can't "expire" the password. This would be very handy
for an administrator helping users resetting their passwords.

$ sudo passwd -e readonly
passwd: user 'readonly' does not exist in /etc/passwd

$ sudo ldapsearch -xW -H ldap://ns1 "(uid=readonly)"
dn: uid=readonly, ou=People, dc=example, dc=org
objectClass: account
objectClass: posixAccount
objectClass: shadowAccount
cn: readonly user
uidNumber: 10001
gidNumber: 100
homeDirectory: /tmp
uid: readonly
loginShell: /bin/bash
shadowMin: 0
shadowLastChange: 15446
userPassword: bla,bla,bla

$ sudo getent passwd readonly
readonly:x:10001:100:readonly user:/tmp:/bin/bash

-- System Information:
Debian Release: wheezy/sid
  APT prefers testing
  APT policy: (500, 'testing'), (100, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-2-amd64 (SMP w/1 CPU core)
Locale: LANG=en_DK.UTF-8, LC_CTYPE=en_DK.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages passwd depends on:
ii  debianutils     4.3
ii  libc6           2.13-27
ii  libpam-modules  1.1.3-7
ii  libpam0g        1.1.3-7
ii  libselinux1     2.1.9-2
ii  libsemanage1    2.1.6-2

passwd recommends no packages.

passwd suggests no packages.

-- no debconf information

More information about the Pkg-shadow-devel mailing list