1

Topic: Regarding password expiry

I am using latest iredAdmin Pro ldap on CentOs

Is it possible to include a check box like "password will never Expire" on password change fields.It is very a good feature but some of our users especially those who are sitting at top are annoyed with this.So is it possible to selectively apply this policy on user ids by putting a check box near password change field.

Is it possible to download the list of users by domain wise whose passwords are going to expire with in seven days from iRedAdminpro pannel? Then we can send mails to those users using postmaster with a specific content.


I

2

Re: Regarding password expiry

bijuedathodi wrote:

Is it possible to include a check box like "password will never Expire" on password change fields.It is very a good feature but some of our users especially those who are sitting at top are annoyed with this.So is it possible to selectively apply this policy on user ids by putting a check box near password change field.

iRedMail doesn't check password expiry at all, so no need to have a "Password will never Expire" checkbox.

P.S. Do you force all users to change password in 90 days?

bijuedathodi wrote:

Is it possible to download the list of users by domain wise whose passwords are going to expire with in seven days from iRedAdminpro pannel? Then we can send mails to those users using postmaster with a specific content.

Unfortunately, no.

But i have a better idea:

*) If user changes password with Roundcube webmail, Roundcube will log the date password changed. This is available in all 3 backends.
*) So we can add a new iRedAPD (our Postfix policy server) plugin to check password expiry. For example, we ask all users to change their passwords in 90 days, then we can reject outbound email if sender's password expired. Of course we should tell mail user go to webmail to change password.
*) [OPTIONAL] We can add a cron job to check password expiry. If password is about to expire in 7 days, send email notification to this user.

How about this?

3

Re: Regarding password expiry

Can someone confirm if there is a force password change period builtin? In our case we set random password for all our users, they don't even know what it is. We do not want or need the system to force user to change password (most will never login via webmail).

In short we do not want password to auto expire.

4

Re: Regarding password expiry

woods wrote:

Can someone confirm if there is a force password change period builtin?

No.