Hi all

With a recent implementation of our intranet, which is Plone 2.5 running
on SuSe/Apache -> NLDAP - NW/eDir , I have noticed some bizzare password

On digging deeper, I think I've nailed it down....

1) Plone has allowed caching of "old" NW passwords, ie/ allowing users
to login to the intranet with two passwords. In some cases it has been
perceived by users that their password has reverted etc etc etc.... I
think I should be able to disable caching, or enable "clear cache" on a
frequent basis for the time being.....

2) How could we allow NDS password expiration to be dealt with via Plone
& Ldap?

ie/ lets say a users NW/eDir password is due to expire at 1pm. They log
into winXP/nwclient at 9am, fine..... Then at 2pm they open a browser
and login into the intranet/plone.

From here within Plone/LDAP I'm not too sure what *really* happens - I
know plone should go to ldap, then ldap to eDir and report back that a
password change is required, but its not doing that, it obviously cant
deal with that situation....

Sooooo, how would I got about dealing with this? Obviously some Novell
auth module to slip into Plone/Apache?

Many thanks