On 09/22/2014 02:23 PM, Ron wrote:
We would like to add some users that are currently in the
password/shadow files on some servers into IPA.
Is there any way to copy (preferably via a script) the encrypted
password into IPA so that we do not have to have them reset their
Our idea is to use the "IPA user-add" command to create the user then
insert their encrypted password into their IPA entry.
The most probably answer is no since the hash types would not match
between what you have in the files and what LDAP server expects.
If you by any chance configured your files to use other hashes than
default it might match. You can go the other way and reconfigure the
LDAP server but AFAIR it is not recommended.
The user-add command would not work anyways as it does not accept hash
as an input. Or I should say it would allow you to add users without
passwords in a script.
You can set a random password, send it to account owner in a script and
make account owners to change passwords (default) on the first use.
Sr. Engineering Manager IdM portfolio
Red Hat, Inc.
Manage your subscription for the Freeipa-users mailing list:
Go To http://freeipa.org for more info on the project