diff options
author | Pavel Reichl <preichl@redhat.com> | 2015-01-20 18:34:44 -0500 |
---|---|---|
committer | Jakub Hrozek <jhrozek@redhat.com> | 2015-03-05 20:30:43 +0100 |
commit | 13ec767e6ca3e435e119f1f07bda10eb213383f6 (patch) | |
tree | faef47c375200d7a915e920ad63e6b223f572531 /src/providers/ldap/sdap_access.h | |
parent | 5a5c5cdeb92f4012fc75fd717bfea06598f68f12 (diff) | |
download | sssd-13ec767e6ca3e435e119f1f07bda10eb213383f6.tar.gz sssd-13ec767e6ca3e435e119f1f07bda10eb213383f6.tar.xz sssd-13ec767e6ca3e435e119f1f07bda10eb213383f6.zip |
SDAP: Lock out ssh keys when account naturally expires
Resolves:
https://fedorahosted.org/sssd/ticket/2534
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
Diffstat (limited to 'src/providers/ldap/sdap_access.h')
-rw-r--r-- | src/providers/ldap/sdap_access.h | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/src/providers/ldap/sdap_access.h b/src/providers/ldap/sdap_access.h index a8c663910..6e637be56 100644 --- a/src/providers/ldap/sdap_access.h +++ b/src/providers/ldap/sdap_access.h @@ -35,6 +35,7 @@ #define SYSDB_LDAP_ACCESS_CACHED_LOCKOUT "ldap_access_lockout_allow" /* names of ppolicy attributes */ #define SYSDB_LDAP_ACCESS_LOCKED_TIME "pwdAccountLockedTime" +#define SYSDB_LDAP_ACESS_LOCKOUT_DURATION "pwdLockoutDuration" #define SYSDB_LDAP_ACCESS_LOCKOUT "pwdLockout" #define LDAP_ACCESS_FILTER_NAME "filter" @@ -45,6 +46,7 @@ #define LDAP_ACCESS_SERVICE_NAME "authorized_service" #define LDAP_ACCESS_HOST_NAME "host" #define LDAP_ACCESS_LOCK_NAME "lockout" +#define LDAP_ACCESS_PPOLICY_NAME "ppolicy" #define LDAP_ACCOUNT_EXPIRE_SHADOW "shadow" #define LDAP_ACCOUNT_EXPIRE_AD "ad" @@ -63,6 +65,7 @@ enum ldap_access_rule { LDAP_ACCESS_EXPIRE_POLICY_REJECT, LDAP_ACCESS_EXPIRE_POLICY_WARN, LDAP_ACCESS_EXPIRE_POLICY_RENEW, + LDAP_ACCESS_PPOLICY, LDAP_ACCESS_LAST }; |