summaryrefslogtreecommitdiffstats
path: root/src/providers/ldap/sdap_access.h
diff options
context:
space:
mode:
authorPavel Reichl <preichl@redhat.com>2015-01-20 18:34:44 -0500
committerJakub Hrozek <jhrozek@redhat.com>2015-03-05 20:30:43 +0100
commit13ec767e6ca3e435e119f1f07bda10eb213383f6 (patch)
treefaef47c375200d7a915e920ad63e6b223f572531 /src/providers/ldap/sdap_access.h
parent5a5c5cdeb92f4012fc75fd717bfea06598f68f12 (diff)
downloadsssd-13ec767e6ca3e435e119f1f07bda10eb213383f6.tar.gz
sssd-13ec767e6ca3e435e119f1f07bda10eb213383f6.tar.xz
sssd-13ec767e6ca3e435e119f1f07bda10eb213383f6.zip
SDAP: Lock out ssh keys when account naturally expires
Resolves: https://fedorahosted.org/sssd/ticket/2534 Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com> Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
Diffstat (limited to 'src/providers/ldap/sdap_access.h')
-rw-r--r--src/providers/ldap/sdap_access.h3
1 files changed, 3 insertions, 0 deletions
diff --git a/src/providers/ldap/sdap_access.h b/src/providers/ldap/sdap_access.h
index a8c663910..6e637be56 100644
--- a/src/providers/ldap/sdap_access.h
+++ b/src/providers/ldap/sdap_access.h
@@ -35,6 +35,7 @@
#define SYSDB_LDAP_ACCESS_CACHED_LOCKOUT "ldap_access_lockout_allow"
/* names of ppolicy attributes */
#define SYSDB_LDAP_ACCESS_LOCKED_TIME "pwdAccountLockedTime"
+#define SYSDB_LDAP_ACESS_LOCKOUT_DURATION "pwdLockoutDuration"
#define SYSDB_LDAP_ACCESS_LOCKOUT "pwdLockout"
#define LDAP_ACCESS_FILTER_NAME "filter"
@@ -45,6 +46,7 @@
#define LDAP_ACCESS_SERVICE_NAME "authorized_service"
#define LDAP_ACCESS_HOST_NAME "host"
#define LDAP_ACCESS_LOCK_NAME "lockout"
+#define LDAP_ACCESS_PPOLICY_NAME "ppolicy"
#define LDAP_ACCOUNT_EXPIRE_SHADOW "shadow"
#define LDAP_ACCOUNT_EXPIRE_AD "ad"
@@ -63,6 +65,7 @@ enum ldap_access_rule {
LDAP_ACCESS_EXPIRE_POLICY_REJECT,
LDAP_ACCESS_EXPIRE_POLICY_WARN,
LDAP_ACCESS_EXPIRE_POLICY_RENEW,
+ LDAP_ACCESS_PPOLICY,
LDAP_ACCESS_LAST
};
generated by cgit (git 2.34.1) at 2024-05-17 04:57:25 +0000