Rich Megginson wrote:
On 06/07/2011 03:41 PM, Steven Jones wrote:
Hi,

For most users I will want to allow the same password in AD as in
freeipa....so a linux or windows desktop will work with a linux or
windows service.....but for some specific financial servers/services I
need a stricter password capability to meet our audit criteria.
In 389 you can set password policy on a per-user or per-subtree basis.
With a little extra work, you could probably get this working on a
per-group or per-role basis as well. This should apply to IPA as well,
depending on how they have implemented support for password policy.

We have per-group password policy but we don't use the 389-ds password policy engine. What I don't know is what happens if you set a lousy password in AD whether that gets replicated to IPA. Will it be rejected, accepted?

rob

_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Reply via email to