Bug 2174160

Summary: [RFE] Required to support both at a same time account inactivity and expiration.
Product: Red Hat Directory Server Reporter: Danish Shaikh <dshaikh>
Component: Directory ServerAssignee: LDAP Maintainers <idm-ds-dev-bugs>
Status: CLOSED DUPLICATE QA Contact: LDAP QA Team <idm-ds-qe-bugs>
Severity: medium Docs Contact:
Priority: unspecified    
Version: 11.0CC: idm-ds-dev-bugs, mreynolds
Target Milestone: ---   
Target Release: ---   
Hardware: x86_64   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2023-03-29 14:52:46 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Danish Shaikh 2023-02-28 18:38:01 UTC 
Description of problem:

when creating Account Policy plug-in configuration entry stateAttrName can be either lastLoginTime or createTimestamp.

As a part of customer security compliancy, we are required to support both account inactivity and expiration. This is an urgent requirement which we are trying to realise through RHDS.



Version-Release number of selected component (if applicable):

RHDS 11.


How reproducible:

20.10.2. Account Inactivity and Account Expiration
https://access.redhat.com/documentation/en-us/red_hat_directory_server/11/html/administration_guide/account-policy-plugin


Actual results:

- The alternate attribute  option is a fallback when the primary attribute does not exist.

- You can set a secondary attribute in altStateAttrName, that is checked if the primary one defined in stateAttrName does not exist"



Expected results:

As a part of customer security compliance, we are required to support both account inactivity and expiration. 


Additional info:
Comment 1 mreynolds 2023-03-29 14:52:46 UTC 
closing as duplicate of 2174161

*** This bug has been marked as a duplicate of bug 2174161 ***