!!! Overview [1]
[{$pagename}] is a [DirXML-Rule] which can help with [Account Inactivity] [policy] enforcement.

If your desire is to expire accounts after some value of inactivity, we thought this was a cool idea on how you could.

When a user performs a login, the [Login Time] attribute is set. Using this as an event you can then set the [Login Expiration Time] attribute which will prevent the user from performing a login.

Policy:
{{{
<rule>
	<description>EXPIRE-AFTER-INACTIVE-DAYS</description>
	<conditions>
		<and>
			<if-op-attr name="Login Time" op="changing"/>
		</and>
	</conditions>
	<actions>
		<do-trace-message>
			<arg-string>
				<token-text xml:space="preserve">Logins will expire for this user on: </token-text>
				<token-convert-time dest-format="!FULL.DATETIME" dest-tz="UTC" offset="$EXPIRE-AFTER-INACTIVE-DAYS$" offset-unit="day" src-format="!CTIME" src-tz="UTC">
					<token-op-attr name="Login Time"/>
				</token-convert-time>
			</arg-string>
		</do-trace-message>
		<do-set-dest-attr-value name="Login Expiration Time">
			<arg-value type="time">
				<token-convert-time dest-format="!CTIME" dest-tz="UTC" offset="$EXPIRE-AFTER-INACTIVE-DAYS$" offset-unit="day" src-format="!CTIME" src-tz="UTC">
					<token-op-attr name="Login Time"/>
				</token-convert-time>
			</arg-value>
		</do-set-dest-attr-value>
	</actions>
</rule>
}}} 


!! More Information 
There might be more information for this subject on one of the following: 
[{ReferringPagesPlugin before='*' after='\n' }] 
---- 
* [#1] - [http://www.novell.com/communities/node/12964/disable-accounts-after-1-year-inactivity|http://www.novell.com/communities/node/12964/disable-accounts-after-1-year-inactivity|target='_blank'] - 2013-04-10