How do I make Collaborator 9.4 forget users passwords?

Question

I am running Collaborator 9.4.9401 in a UNIX environment and authenticating users via LDAP. I have users who are able to login to Collaborator, from a windows/AD domain, sometimes for months after their UNIX/LDAP account password has expired.

How can I make Collaborator authenticate each user to LDAP at each Collaborator logon, and/or, make Collaborator not allow user login if their LDAP account is expired?

mrdubya · Answer

There may be two options (I know are in version 11, and I'm assuming are also in version 9) which could help, both around invalidating a user's login ticket, requiring Administrator access:&nbsp;You can manually invalidate the login ticket immediately for any user by editing their settings and clicking "Invalidate Login Ticket".You can set the external client "Login ticket time-to-live" value from the default 0 (eternal) to invalidate a user's login ticket after X hours.&nbsp; I'm assuming this would also require a user to re-login via the web user interface, but I'm not 100% sure.&nbsp;

mrdubya · Answer

Happy to hear you're almost there, one workaround I thought of is to create another "dummy" script to run at a frequency just a bit higher than your time-to-live value to ensure the script account doesn't time out.&nbsp; I do like the idea of configuring accounts that don't expire to avoid having to do that - I suggest you log that in the feature requests board.

john_howson · Answer

Thank you, "Dubs".I haven't had the opportunity to implement or test your solution yet - paperwork.&nbsp; I'll let you know the outcome!

john_howson · Answer

Now I have a new requirement.&nbsp; The authentication expiration, the time-to-live, ticket has to expire for all users EXCEPT for one admin user.&nbsp; That admin user is the ccollab administrator account and it is the account used by the scripts run by various triggers in coco.&nbsp; If this account expires the scripts will not run.I may have to post this as a new question to the forum, but I'm thinking about changing collaborators authentication mechanism from LDAP to collaborators own internal authentication.&nbsp; That will break the 60 day PW change requirement and nullify the original problem.&nbsp;I don't know how that will affect the existing user accounts, existing inspections, etc. At this point I'm not even sure if it's possible to make that change without a fresh installation.

john_howson · Answer

Dummy script is not a bad idea!&nbsp; Thanks Dubya!

Forum Discussion

How do I make Collaborator 9.4 forget users passwords?

Recent Discussions

Getting list of all users via cli cmd

How to migrate Code Collaborator database from MySQL 5.6 on RedHat to MySQL 8.0 on Ubuntu?

Dismiss Review / Commit Files - message

Related Content

Encrypt passwords and master password?

SessionCreator - password encryption in command?

password reset