How to disable password change for openldap user?
Posted
by
Keve
on Server Fault
See other posts from Server Fault
or by Keve
Published on 2014-05-31T12:36:57Z
Indexed on
2014/05/31
15:32 UTC
Read the original article
Hit count: 170
Considering possible solutions for some improvements I run into this theoretical question and I couldn't find a satisfying answer. Some of you may have first-hand experience with this in practice, so here the question goes:
How can I disable password changing for an OpenLDAP user?
The account must stay enabled, allowed to log on to workstations and work as usual, but should not be able to change its own password. Can this be done? If so, how difficult is it to implement it?
All suggestions are appreciated!
For reference: Servers and workstations are to run a mixture of FreeBSD and OpenBSD. Accounts to get password disabled are student or generic workstation accounts. Environment is a school.
© Server Fault or respective owner