HI,
I have a SharePoint site for a client, it is driving me crazy because
the sales people are telling me that the users for this site, cant have
their password expiring. The client is a government agency, so I don't
want to be responsible for any information being stolen.
How big of a security risk is not having password expiring? it seems to
me like security 101, but the sales guy is saying that banks don't ask
you to change your password every X day, good point.
Something I was thinking is having SharePoint authenticating with their
LDAP server, is this possible to do? can anybody point to a url on how
to do this?
thanks
Rezuma

You might consider creating an ADAM instance which is a copy of their
LDAP source and authenticate against it. But I fully agree with you that
the better way is allow passwords to expire. If you set up the IIS
password changing extension on the server you might be able to integrate
it in such a way that they can change their passwords against it. I'm
assuming that certificate based authentication is out of the question?

From: ActiveDir-owner (AT) mail (DOT) activedir.org
[mailto:ActiveDir-owner (AT) mail (DOT) activedir.org] Behalf Ramon Linan
Sent: 19 September 2006 17:45
To: ActiveDir (AT) mail (DOT) activedir.org
Subject: RE: [ActiveDir] SHAREPINT AND EXTERNAL LDAP

HI,

I have a SharePoint site for a client, it is driving me crazy because
the sales people are telling me that the users for this site, cant have
their password expiring. The client is a government agency, so I don't
want to be responsible for any information being stolen.

How big of a security risk is not having password expiring? it seems to
me like security 101, but the sales guy is saying that banks don't ask
you to change your password every X day, good point.

Something I was thinking is having SharePoint authenticating with their
LDAP server, is this possible to do? can anybody point to a url on how
to do this?

thanks

Rezuma

Disclaimer:
The Development Bank of Southern Africa exercises no control over information contained in any e-mail message originating from within the organisation. The Bank makes no representation relating to the completeness or accuracy and accepts no responsibility for any loss, damage or liability that is incurred by reliance on the content hereof by the recipient or any other party. Each page attached hereto must also be read in conjunction with any disclaimer, which forms part of it.
Confidentiality:
The e-mail is privileged and confidential and for use of the addressee only. Should you have received this e-mail in error, please return it to webmaster (AT) dbsa (DOT) org. Dissemination, disclosure, copying or any similar actions of the content of this e-mail is strictly prohibited.