ppolicy virtual attribute support, eg: pwdReset

[scholl]

In the old phpldap it was possible to add a user the pwdReset Attribut

in the ppolicy man page it is described as optional attribute:

pwdReset

   This  attribute indicates whether the user's password has been reset by the administrator and thus must be changed upon first use of this DN for authentication to the directory.  If pwdReset is set to "TRUE", then the password was reset and the user must
   change it upon first authentication.  If the attribute does not exist, or is set to "FALSE", the user need not change their password due to administrative reset.

       (  1.3.6.1.4.1.42.2.27.8.1.22
          NAME 'pwdReset'
          DESC 'The indication that the password has
              been reset'
          EQUALITY booleanMatch
          SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
          SINGLE-VALUE
          USAGE directoryOperation)

for me a password reset on a sssd linux ldap client it's the only solution to change a successful password change.

This Attribute is not available in phpldapadmin, has anyone experience with that?

[leenooks]

At the moment, there is no way to update the pwdReset attribute, either in UI or an UI LDIF - as it is not a schema attribute, but a virtual attribute.

When it exists on a leaf entry, it's value will appear on the Internal tab.