I reproduce from the NethServer - Administrator Manual:
“After password expiration, the user will be able to read and send mails but can no longer access the shared folders and printers (Samba) or other computer if the machine is part of the domain.”
That mean that:
- “Password management” works in totality only if we have at least a configured domain (with or without AD) and only for access of the shared folders and printers or other computers from the configured domain.
- Even if we have or not a configured domain, for the Email module, apart for the fact that the users are forced to set strong password and receive warning emails about expiration of the password (with no effect if the password “has expired”), an important function, the “Effect of expired password” is useless.
IMO, this is a major issue regarding “Password management - Effects of expired password”.
The email module is the most exposed part of the informatic system and must be very well protected, not only by Fail2ban, antivirus, antispam, …
How can this issue be solved?
Can be a bug?
“A bug report means something is broken, preventing normal/typical use of NethServer.”