Mark Hannessen wrote:
Hi List,

Does anyone know if it is possible to change the password of a use from an web application other then FreeIPA itself?

In some of the web apps we have we want to integrate the ability for users to change their password. But since FreeIPA uses kerberos as well, i am not sure how safe it would be to do this directly through LDAP.

Does anyone have any hints on how to best approach this?

Whenever a password is changed we update all passwords (LDAP, kerberos, etc). So you can do a password change over LDAP and this will also update the kerberos key.

If you change another user's password (e.g. admin reset) then that user will need to change their password on the first kinit. You can change your own password without requiring a reset.


Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

Freeipa-users mailing list

Reply via email to