On 06/07/2011 05:41 PM, Steven Jones wrote:
> For most users I will want to allow the same password in AD as in
> freeipa....so a linux or windows desktop will work with a linux or windows
> service.....but for some specific financial servers/services I need a
> stricter password capability to meet our audit criteria.
But you still need to synch the users for those servers or you can
created specific users in IPA and apply more restrictive password
policies to them?
In IPA v2 you can have password policies per group.
> From: Rich Megginson [rmegg...@redhat.com]
> Sent: Wednesday, 8 June 2011 9:36 a.m.
> To: Steven Jones
> Cc: firstname.lastname@example.org
> Subject: Re: [Freeipa-users] sync passwords with AD or not per user
> On 06/07/2011 03:36 PM, Steven Jones wrote:
>>> What sort of password control? Minimum length? Character classes?
>>> Password history checking?
>> yes, yes and yes...
> With plain old 389, you can do all of these and more. IPA has its own
> password checking plugin, so it may differ slightly.
> But what does this have to do with Windows PassSync?
> Freeipa-users mailing list
Sr. Engineering Manager IPA project,
Red Hat Inc.
Looking to carve out IT costs?
Freeipa-users mailing list