Feature #6099
closed
Remove temporary LDAP accounts after X amount of time has passed
Added by ben leinfelder almost 11 years ago.
Updated over 10 years ago.
Description
Users are added to a temporary LDAP tree until they activate their account via email. We should remove these accounts after a certain amount of time so that they can either retry their registration if something went wrong or clear out spam that we might receive.
- Description updated (diff)
- Assignee set to Jing Tao
- Target version changed from 2.2.1 to 2.3.0
- Status changed from New to In Progress
- Assignee changed from Jing Tao to ben leinfelder
Trying a dry-run of this on dev2. Using 36 hour expiration for now - configurable in metacat.properties on a per-organization basis.
- Status changed from In Progress to Closed
Now removing expired user accounts in the dc=tmp subtree. This is done whenever someone tries to register an account so there is no cron job needed to trigger the check. This also means that if someone hasn't activated their account in the expiration window, they can retry with the exact same username and it will succeed (since the first tmp account will be removed before we check for duplicate tmp accounts during registration). The only downside is that if no one ever tries to register, we will not clear out whatever accounts have expired, but if that's the case, who cares?
Also available in: Atom
PDF