Joe Linoff wrote:
Hi Petr:

I implemented what you suggested and everything worked pretty well but I
ran into three issues that you might be able to help me with.

The first issue (and the most important) is that the password is only
temporary. I am prompted to reset it the first time that I login. My
goal is to setup a working system quickly to test different
configurations in a batch fashion but having to reset the password for
each user makes that challenging. How can I disable the reset
requirement for my test environment?

This is so only the end-user knows the password.

You can add the DN of the user you are changing passwords with to a list of users who are exempt from password policy.

Think carefully about what user you add to this list, you may not want to use the admin user.

Add the DN to the passSyncManagersDNs attribute in the entry cn=ipa_pwd_extop,cn=plugins,cn=config


Freeipa-users mailing list

Reply via email to