Automatically expire LDAP users for clubs #110

Open
opened 2023-10-26 03:53:53 -04:00 by merenber · 0 comments
Owner

The LDAP user entries for clubs (which do not have corresponding Kerberos principals) should have shadowExpire=1 set when they no longer have any active club reps. This way, PAM will prevent their cron jobs from running. Resources such as cloud VMs and vhost configs (on caffeine) should automatically get removed/disabled, and an notification email should get sent. A warning email should be sent at least one week in advance.

We will need to add a new API endpoint, e.g. /api/groups/expire.

The LDAP user entries for clubs (which do not have corresponding Kerberos principals) should have `shadowExpire=1` set when they no longer have any active club reps. This way, PAM will prevent their cron jobs from running. Resources such as cloud VMs and vhost configs (on caffeine) should automatically get removed/disabled, and an notification email should get sent. A warning email should be sent at least one week in advance. We will need to add a new API endpoint, e.g. `/api/groups/expire`.
merenber added the
priority
medium
label 2023-10-26 03:53:58 -04:00
Sign in to join this conversation.
No Milestone
No project
No Assignees
1 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: public/pyceo#110
No description provided.