Handling account state with OpenLDAP/AD for Shibboleth IdP v4.x
Hi to all,
could someone helps me to understand how to configure
"ldap-authn-config.xml" of my new Shibboleth IdP v4.0.1 to handle the
OpenLDAP Account State/Password Policy for the
bindAndSearchAuthenticator and adAuthenticator?
Re: Handling account state with OpenLDAP/AD for Shibboleth IdP v4.x
A person on Slack indicated the V3 wiring isn't working for this for reasons unknown at this point, but the V4 property and configuration files do.
In either case, please do not use this for expiring password notification, that's just a bad idea. Use the expiring password flow, it's orders of magnitude simpler and more reliable to maintain. If you need it for some other function, that's about the only justification for using it.