Hi, That is cool, but I have not read that anywhere, can we get that bit written into the passsync section? or have I missed it?
regards Steven Jones Technical Specialist - Linux RHCE Victoria University, Wellington, NZ 0064 4 463 6272 ________________________________________ From: freeipa-users-boun...@redhat.com [freeipa-users-boun...@redhat.com] on behalf of Dmitri Pal [d...@redhat.com] Sent: Thursday, 29 March 2012 8:53 a.m. To: freeipa-users@redhat.com Subject: Re: [Freeipa-users] passwd sync On 03/28/2012 03:50 PM, Steven Jones wrote: > 8><------ > > It cannot be a wildcard: > if (strcasecmp(krbcfg->passsync_mgrs[i], bindDN) == 0) { > pwdata.changetype = IPA_CHANGETYPE_DSMGR; > break; > } > but it is multivalued. > > 8><---------- > > This is over my head > > 8><---------- > > What exactly are you trying to do? Defeat password sync for > > uid=*,cn=staff,cn=accounts,dc=etc ? Because I don't think > passSyncManagersDNs is what you want for that, unless I'm mistaken. > > 8><-------- > > Ok, so at present when I setup a new user with a temp password in IPA and > give it to the user they have to set a new one on first login to a client. > > Once password(s) flow through from AD I don't want the reset password feature > in IPA to be functional when a user "first" logs in. > > regards > > > _______________________________________________ > Freeipa-users mailing list > Freeipa-users@redhat.com > https://www.redhat.com/mailman/listinfo/freeipa-users I do not think the password reset is required when you sync the users from an external source. Only when you added a new user via CLI or UI or migrated him. -- Thank you, Dmitri Pal Sr. Engineering Manager IPA project, Red Hat Inc. ------------------------------- Looking to carve out IT costs? www.redhat.com/carveoutcosts/ _______________________________________________ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users _______________________________________________ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users