Hi all,
Anybody having this issue?
Thanks in advance!

GUILLERMO FUENTES
SENIOR SYSTEMS ADMINISTRATOR

T: 561-880-2998 x1337

E: guillermo.fuen...@modmed.com



[image: [ Modernizing Medicine ]] <https://www.modmed.com/>
[image: [ Facebook ]] <https://www.facebook.com/modernizingmedicine> [image:
[ LinkedIn ]] <https://www.linkedin.com/company/modernizing-medicine/> [image:
[ YouTube ]] <https://www.youtube.com/user/modernizingmedicine> [image: [
Twitter ]] <https://twitter.com/modmed> [image: [ Blog ]]
<https://www.modmed.com/BlogBeyondEMR> [image: [ Instagram ]]
<https://instagram.com/modernizing_medicine>

[image: [ MOMENTUM 2017 ]] <https://www.eventproducers.events/momentum2017/>


On Tue, Jul 25, 2017 at 11:34 AM, Guillermo Fuentes <
guillermo.fuen...@modernizingmedicine.com> wrote:

> Hi Chris and all!
>
> Chris, thanks for putting together the guide on integrating FreeIPA with
> Okta.
> The integration works fine except for accounts with expired passwords.
> Okta will allow login for an account with an expired password.
> Although the guide says "This is all well documented and supported
> within OKTA.", Okta's support team said they haven't tested the
> integration with FreeIPA and for OKTA to recognize the password has
> expired, the user has to have the pwdReset attribute set to TRUE (for
> expired) or FALSE
> (https://support.okta.com/help/Documentation/Knowledge_
> Article/Configuring-Your-LDAP-Password-Reset-Settings).
> I can't find the pwdReset attribute anywhere in the FreeIPA schema
> which will suggest me I'll have to extend it, unless Okta is willing
> to recognize and honor the krbPasswordExpiration attribute used in the
> guide.
> Did you or someone in the list have gotten this to work properly?
>
> Thanks so much in advance,
> Guillermo
>
> ------------
>
> From: Chris Whittle <cwhittl gmail com>
> To: dpal redhat com
> Cc: freeipa-users <freeipa-users redhat com>
> Subject: Re: [Freeipa-users] Trying To Connect FreeIPA with
> OKTA/OneLogin/Bitium
> Date: Tue, 12 Aug 2014 08:46:26 -0500
>
>
> http://www.freeipa.org/page/HowTo/Integrate_With_Okta
>
>
> On Sat, Aug 9, 2014 at 11:31 PM, Dmitri Pal <dpal redhat com> wrote:
> >
> > On 08/08/2014 04:26 PM, Chris Whittle wrote:
> ...
>
_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org

Reply via email to