Re: [Freeipa-users] passwd sync

Wed, 28 Mar 2012 13:14:47 -0700 

Hi,

That is cool, but I have not read that anywhere, can we get that bit written 
into the passsync section?  or have I missed it?

regards

Steven Jones

Technical Specialist - Linux RHCE

Victoria University, Wellington, NZ

0064 4 463 6272

________________________________________
From: freeipa-users-boun...@redhat.com [freeipa-users-boun...@redhat.com] on 
behalf of Dmitri Pal [d...@redhat.com]
Sent: Thursday, 29 March 2012 8:53 a.m.
To: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] passwd sync

On 03/28/2012 03:50 PM, Steven Jones wrote:
> 8><------
>
> It cannot be a wildcard:
>              if (strcasecmp(krbcfg->passsync_mgrs[i], bindDN) == 0) {
>                  pwdata.changetype = IPA_CHANGETYPE_DSMGR;
>                  break;
>              }
> but it is multivalued.
>
> 8><----------
>
> This is over my head
>
> 8><----------
>
> What exactly are you trying to do?  Defeat password sync for
>
> uid=*,cn=staff,cn=accounts,dc=etc ?  Because I don't think 
> passSyncManagersDNs is what you want for that, unless I'm mistaken.
>
> 8><--------
>
> Ok,  so at present when I setup a new user with a temp password in IPA and 
> give it to the user they have to set a new one on first login to a client.
>
> Once password(s) flow through from AD I don't want the reset password feature 
> in IPA to be functional when a user "first" logs in.
>
> regards
>
>
> _______________________________________________
> Freeipa-users mailing list
> Freeipa-users@redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-users

I do not think the password reset is required when you sync the users
from an external source. Only when you added a new user via CLI or UI or
migrated him.

--
Thank you,
Dmitri Pal

Sr. Engineering Manager IPA project,
Red Hat Inc.


-------------------------------
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/



_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Reply via email to