Dale Macartney wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Afternoon all I have a demo lab set up with RHEV 3.0 and IPA running on RHEL 6.3 ( ipa-server-2.2-16) I have an api script that handles all my deployments and I am trying to set up a role account for my script to run within a jenkins environment. I have created an ldap sysaccount, however that doesn't appear in the RHEV users list when I do a search. So its clear its looking for specific IPA users. Is there a way (or on the roadmap), to create service/role accounts in IPA where the password doesn't expire? I'm trying to avoid scenarios like this https://access.redhat.com/knowledge/solutions/67562 Any comments / suggestions are welcome Thanks everyone Dale
A work-around is to set krbpasswordexpiration of the user somewhere far in the future to prevent expiration.
We have a ticket open on this, https://fedorahosted.org/freeipa/ticket/2111, currently targeted for IPA 3.3.
rob _______________________________________________ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users