I would like to enforce password policies on a server that previously did not have any enforcement. The issue that I am having is as soon as I apply the password expire in X number of days all the users are immediately requested to change their password at next login as most of them have not changed their passwords in over a year. I would prefer for them to get a couple of day’s notification that their password has expired or will expire soon and they need to change it. I tested UAL_PWD_WARNING_DAYS=XX in general.cfg and it worked correctly but UAL_PASSWORD_AGED=IGNORE/WARN/ERROR does not seem to work as expected. I get the expected behaviour from setting IGNORE or ERROR but when set to WARN the user is still asked to change their password and not allowed to access their mail box. Does anybody have any ideas on what is wrong or do I not understand the Administration Guide correctly?
UAL_PASSWORD_AGED=
IGNORE, WARN, or ERROR
This option determines the effect of an expired password on a user logging in to
Scalix through a client.
The default value is ERROR. If the user’s password has expired, an error is generated
when the user attempts to log in and the login fails. The login can only
succeed when a valid new password is supplied.
If the value is set to WARN and the user’s password has expired, the user can
log in using the expired password but a warning message is placed in their Inbox
stating that their password has expired and needs to be changed immediately.
(This message appears in the Inbox for the first login of the day.)
If the value is set to IGNORE, any user password expiration condition is
ignored, and a Scalix user is allowed to log in even though their password has
expired.
Regards
Jakes