On ma, 18 tammi 2021, Noah Bliss via FreeIPA-users wrote:
Rob,
Thanks for the info! Is there any documentation on how to implement a
generic use-case for this tool? The readthedocs page seems to imply it
is still in the planning stages and (from my perspective) seems a bit
lean on details.
When you'd install freeipa-client-epn, there are two man pages
(ipa-epn(1) and epn.conf(5)) alongside with sample configuration files.
There is also ipa-epn.timer systemd timer that can be used to trigger
regular checks.
Regards,
Noah
Jan 18, 2021 13:21:00 Rob Crittenden via FreeIPA-users
<[email protected]>:
Noah Bliss via FreeIPA-users wrote:
Hey all,
Just wanted to share a couple of tools I whipped up to flesh out some of
the more time consuming or lean feature areas of FreeIPA. Hopefully they
help you! Pull Reuquests and Issues are welcome.
https://github.com/noahbliss/freeipa-sam
FreeIPA-SAM is a simple menu-driven bash script for lifecycle management
of system (service) accounts in LDAP. As a refresher, these seem to be
the accounts you use as connectors to various services, but not for
typical human user login. As there doesn't seem to be a convenient way
to manage these in the WebUI and consistency is key when doing manual
account management, I've found this to be a huge time-saver.
https://github.com/noahbliss/freeipa-pen
FreeIPA-PEN is a bash script designed to be installed on an IPA server
and invoked by cron. It uses a system account to check LDAP and notify
users via email if their password is going to expire soon. For accounts
that do not have an email address or have already expired, it can
generate a weekly/monthly report for you as an admin.
Looks cool, thanks for sharing.
Note that the IPA in 4.9.0+ provides a similar service for your expiring
account notification project, similarly named EPN (Expired Password
Notification).
rob
_______________________________________________
FreeIPA-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/[email protected]
_______________________________________________
FreeIPA-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/[email protected]
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
Red Hat Limited, Finland
_______________________________________________
FreeIPA-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/[email protected]
