hi rob,

You can only specify password policy for User Groups, not host groups,
so there is no way to do this currently. It also isn't that
fine-grained. The minimum lifetime is 1 hour, the minimum of the maximum
lifetime is 1 day.

I don't see why support for Host Groups (and therefore Hosts) can't be
added. I'm not 100% sure about the tuning for min/max lifetime but it
should be possible. AFAIR we convert the values from seconds to hours
and days.
the values are converted and appear to get stored in seconds (looking at the code, maybe i misunderstand it).

Can you file a ticket at https://fedorahosted.org/freeipa/newticket ?
will do



Freeipa-users mailing list

Reply via email to