We use ipa on our red hat boxes and have recently installed a SAS suite/servers for a contract. Their users are a mix of internal/external associates. Integrating with this ipa was straight-forward. Their application is able to use pam, but their logon manager is limited as it does not support ids that have expired or need reset. For security reason, some which are IDM UI related, we cannot expose the web app for those users to reset their passwords. So investigating a little bit, we found a few options but I wanted to solicit any feedback for anyone who has been there done that.
We have the process working via the /ipa/session/change_password via a python script which we could form feed. At the same time I see that there is already a reset_password form, javascript created. So I don't know that this is even necessary. However, I have found that hosting those in a web server isn't working and one person believes that could be related to the wrong ldap hostname. Anyway just wanted to see if anyone has faced this before. Thanks. Shaun McAdams National Government Services Health IT : CPI-Predictive Modeling (o) - 317.595.4905 / x2004905 (c) - 317.430.9845 CONFIDENTIALITY NOTICE: This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information or otherwise be protected by law. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message.
_______________________________________________ Freeipa-users mailing list [email protected] https://www.redhat.com/mailman/listinfo/freeipa-users
