2167565 – [RFE] Request for attributes mapper for RHDS similar to MSADUserAccountStorageMapper for MSAD to support Redhat Single Sign On trigger password expired when user password store in RHDS.

Bug 2167565 - [RFE] Request for attributes mapper for RHDS similar to MSADUserAccountStorageMapper for MSAD to support Redhat Single Sign On trigger password expired when user password store in RHDS.

Summary: [RFE] Request for attributes mapper for RHDS similar to MSADUserAccountStorag...

Keywords:
Status:	CLOSED WONTFIX
Alias:	None
Product:	Red Hat Directory Server
Classification:	Red Hat
Component:	Directory Server
Sub Component:
Version:	12.0
Hardware:	x86_64
OS:	Linux
Priority:	unspecified
Severity:	medium
Target Milestone:	---
Target Release:	---
Assignee:	LDAP Maintainers
QA Contact:	LDAP QA Team
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2023-02-07 04:18 UTC by hagaikwa
Modified:	2023-07-28 09:05 UTC (History)
CC List:	5 users (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2023-07-28 09:05:01 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Description hagaikwa 2023-02-07 04:18:09 UTC

Description of problem: 
[RFE] Request for attributes mapper for RHDS similar to MSADUserAccountStorageMapper for MSAD to support Redhat Single Sign On trigger password expired when user password store in RHDS.


Version-Release number of selected component (if applicable):
RHDS 12

Comment 2 mreynolds 2023-04-05 14:31:59 UTC

RHDS returns an ldap control when the password is expired.  So Red Hat Single Sign On could properly detect if the password is expired or incorrect if it checked for this control.  This is discussed in the RHDS admin guide:

https://access.redhat.com/documentation/en-us/red_hat_directory_server/11/html/administration_guide/understanding_password_expiration_controls

Comment 3 mreynolds 2023-04-12 15:08:58 UTC

(In reply to mreynolds from comment #2)
> RHDS returns an ldap control when the password is expired.  So Red Hat
> Single Sign On could properly detect if the password is expired or incorrect
> if it checked for this control.  This is discussed in the RHDS admin guide:
> 
> https://access.redhat.com/documentation/en-us/red_hat_directory_server/11/
> html/administration_guide/understanding_password_expiration_controls

Are there any concerns with this?  Otherwise we will close this RFE.

Note You need to log in before you can comment on or make changes to this bug.