LDAPWiki: SasUpdateLoginInfo

Overview #

The SasUpdateLoginInfo[1] attribute is one of the Attributes that controls the updates of Login Attributes For eDirectory NMAS logins. Use the attribute to control the updates of login- related attributes for the following:

User
Container of the user
Partition root
LoginPolicy

If the attribute is set on the SASLoginPolicy object, the setting becomes effective after the next policy refresh cycle. If the attribute is not set for the User/Container/Partition root /SASLoginPolicy, the value set on a server via command line is used to maintain backward compatibility. The SasUpdateLoginInfo attribute can have the following values:

0 or off: Do not update any login attributes.
1: Only update attributes that are required by intruder detection.
2: Update all login attributes except unused user password policy attributes.
3 or on: Update all login attributes.

NOTE:The LoginTime attribute is not updated on consecutive successful logins during the interval. However, if there is a login failure during the interval followed by successful login, the Login Time attribute will be updated. The interval time from the successful login is counted.

The {$pagename}] attribute is effective only if the sasUpdateLoginInfo attribute value is set to 2 or 3.

You can set or manually edit the value of the sasUpdateLoginInfo attribute either via iManager or via an ldif file. For example:

 
#cat changesasUpdateLoginInfo.ldif 
dn: cn=user1,o=org 
changetype: modify 
replace: sasUpdateLoginInfo 
sasUpdateLoginInfo: 1

More Information #

There might be more information for this subject on one of the following:

[#1] - http://www.novell.com/support/kb/doc.php?id=7006492 - based on 2013-05-22
2# - Using the sasUpdateLoginInfo and sasUpdateLoginTimeInterval Attribute - based on 2018-09-29