
New ESP accounts should have expiring passwords

Currently, when ECLWatch is used to create an ESP account, it sets the
"DONT EXPIRE PASSWORD" bit in "userAccountControl" attribute.  This is
not correct, since account password expiration should be controlled by
the domain policy (except for system users). This code change removes
the setting of that feature.
It should be noted that when we do enable an LDAP password expiration,
a script or some other mechanism needs to be utilized to clear that bit
in all existing accounts or expiration will not occur.

Signed-off-by: William Whitehead <william.whitehead@lexisnexis.com>
William Whitehead 13 years ago
parent
commit
83eb7beb34
1 changed files with 2 additions and 1 deletions
  1. 2 1
      system/security/LdapSecurity/ldapconnection.cpp

+ 2 - 1
system/security/LdapSecurity/ldapconnection.cpp

@@ -4820,10 +4820,11 @@ private:
 
 
         // UF_ACCOUNTDISABLE 0x0002
         // UF_ACCOUNTDISABLE 0x0002
         act_ctrl_val &= 0xFFFFFFFD;
         act_ctrl_val &= 0xFFFFFFFD;
-        
+#ifdef _DONT_EXPIRE_PASSWORD
         // UF_DONT_EXPIRE_PASSWD 0x10000
         // UF_DONT_EXPIRE_PASSWD 0x10000
         if (m_passwordNeverExpires)
         if (m_passwordNeverExpires)
             act_ctrl_val |= 0x10000;
             act_ctrl_val |= 0x10000;
+#endif
 
 
         StringBuffer new_act_ctrl;
         StringBuffer new_act_ctrl;
         new_act_ctrl.append(act_ctrl_val);
         new_act_ctrl.append(act_ctrl_val);
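Review bot: The `#ifdef _DONT_EXPIRE_PASSWORD` guard around the `if (m_passwordNeverExpires)` block does not remove the setting of UF_DONT_EXPIRE_PASSWD, as the commit message says. It hides it behind a macro that nothing in this hunk defines or documents. In a default build `m_passwordNeverExpires` is now silently ignored, while a build that defines the macro restores the old behaviour for every account created this way. The commit message also exempts system users, but a compile-time switch cannot tell a system user from an ordinary one. If that exception matters on this code path, it needs a runtime condition. Suggest either deleting the block (and the member, if nothing else reads it) or keeping it with a comment that states when the macro is meant to be defined. If the macro stays, consider renaming it: identifiers that begin with an underscore followed by an uppercase letter are reserved for the implementation in C++.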