Rich Megginson wrote:
On 06/07/2011 03:41 PM, Steven Jones wrote:

For most users I will want to allow the same password in AD as in a linux or windows desktop will work with a linux or
windows service.....but for some specific financial servers/services I
need a stricter password capability to meet our audit criteria.
In 389 you can set password policy on a per-user or per-subtree basis.
With a little extra work, you could probably get this working on a
per-group or per-role basis as well. This should apply to IPA as well,
depending on how they have implemented support for password policy.

We have per-group password policy but we don't use the 389-ds password policy engine. What I don't know is what happens if you set a lousy password in AD whether that gets replicated to IPA. Will it be rejected, accepted?


Freeipa-users mailing list

Reply via email to