epn.conf - Man Page

Expiring Password Notification configuration file




The epn.conf configuration file is used to set the options for the ipa-epn tool to notify users of upcoming password expiration.


The configuration options are not case sensitive. The values may be case sensitive, depending on the option.

Blank lines are ignored. Lines beginning with # are comments and are ignored.

Valid lines consist of an option name, an equals sign and a value. Spaces surrounding equals sign are ignored. An option terminates at the end of a line.

Values should not be quoted, the quotes will not be stripped.

   # Wrong - don't include quotes
   verbose = "True"

   # Right - Properly formatted options
   verbose = True

Options must appear in the section named [global]. There are no other sections defined or used currently.

Options may be defined that are not used by IPA. Be careful of misspellings, they will not be rejected.


smtp_server <fqdn>

Specifies the SMTP server to use. The default is localhost.

smtp_port <port>

Specifies the SMTP port. The default is 25.

smtp_user <user>

Specifies the id of the user to authenticate with the SMTP server. Default None.

smtp_password <password>

Specifies the password for the authorized user. Default None.

smtp_client_cert <certificate>

Specifies the path to a single file in PEM format containing the certificate. Default None.

smtp_client_key <private key>

Specifies the path to a file containing the private key in. Otherwise the private key will be taken from certfile as well. Default None.

smtp_client_key_pass <private key password>

Specifies the password for decrypting the private key. Default None.

smtp_timeout <seconds>

Specifies the number of seconds to wait for SMTP to respond. Default 60.

smtp_security <security>

Specifies the type of secure connection to make. Options are: none, starttls and ssl. The default is none.

smtp_admin <address>

Specifies the From e-mail address value in the e-mails sent. The default is root@localhost. Bounces will be sent here.

smtp_delay <milliseconds>

Time to wait, in milliseconds, between each e-mail sent to try to avoid overloading the mail queue. The default is 0.

mail_from <address>

Specifies the From: e-mail address value in the e-mails sent. The default is noreply@ipadefaultemaildomain. This value can be found by running ipa config-show

notify_ttls <list of days>

This is the list of days before a password expiration when ipa-epn should notify a user that their password will soon require a reset. If this value is not specified then the default list will be used: 28, 14, 7, 3, 1.

msg_charset <type>

Set the character set of the message. The default is utf8. This will result in he body of the message being base64-encoded.

msg_subtype <type>

Set the message's MIME sub-content type. The default is plain.



Configuration file

See Also


Referenced By


April 28, 2020 IPA Manual Pages