b- Original Message -
> On Mon, May 12, 2014 at 6:22 PM, Dmitri Pal wrote:
> > On 05/12/2014 06:07 PM, James wrote:
> >>
> >> On Mon, 2014-05-12 at 17:56 -0400, Dmitri Pal wrote:
> >>>
> >>> Is there any other attribute to look at?
> >>> For example the timestamp when it was last set and b
- Original Message -
> On Mon, 2014-05-12 at 17:56 -0400, Dmitri Pal wrote:
> > Is there any other attribute to look at?
> > For example the timestamp when it was last set and base the update on
> > that rather than on matching password values?
> >
> There are some other solutions, but the
On Tue, May 13, 2014 at 10:36 AM, Dmitri Pal wrote:
> This is their problem. Why would we aid them to do wrong things and make it
> easier?
> I really miss the point. Why it is all needed?
> Why do you need to reset passwords in IPA through puppet?
> What is the use case?
Give me about a week and
On 05/12/2014 10:37 PM, James wrote:
On Mon, May 12, 2014 at 6:22 PM, Dmitri Pal wrote:
On 05/12/2014 06:07 PM, James wrote:
On Mon, 2014-05-12 at 17:56 -0400, Dmitri Pal wrote:
Is there any other attribute to look at?
For example the timestamp when it was last set and base the update on
that
On Mon, May 12, 2014 at 6:22 PM, Dmitri Pal wrote:
> On 05/12/2014 06:07 PM, James wrote:
>>
>> On Mon, 2014-05-12 at 17:56 -0400, Dmitri Pal wrote:
>>>
>>> Is there any other attribute to look at?
>>> For example the timestamp when it was last set and base the update on
>>> that rather than on ma
On 05/12/2014 06:07 PM, James wrote:
On Mon, 2014-05-12 at 17:56 -0400, Dmitri Pal wrote:
Is there any other attribute to look at?
For example the timestamp when it was last set and base the update on
that rather than on matching password values?
There are some other solutions, but they are le
On Mon, 2014-05-12 at 17:56 -0400, Dmitri Pal wrote:
> Is there any other attribute to look at?
> For example the timestamp when it was last set and base the update on
> that rather than on matching password values?
>
There are some other solutions, but they are less elegant or don't work
consist
On 05/12/2014 04:28 PM, James wrote:
On Mon, 2014-05-12 at 16:25 -0400, Dmitri Pal wrote:
Yes and this was my point too. If you have root you do not need to
know
the old password. You can just reset the current one to what you want.
I agree, with you. This isn't about functionality, it's about
On Mon, 2014-05-12 at 09:11 +0200, Martin Kosek wrote:
> 1) Get fbar1;s b64 encoded password hash:
>
> # ldapsearch -Y EXTERNAL -H ldapi://%2fvar%2frun%
> 2fslapd-EXAMPLE-COM.socket -b
> 'uid=fbar1,cn=users,cn=accounts,dc=example,dc=com' userPassword
This seems to work great. I used user 'admin'.
On Mon, 2014-05-12 at 16:25 -0400, Dmitri Pal wrote:
> Yes and this was my point too. If you have root you do not need to
> know
> the old password. You can just reset the current one to what you want.
I agree, with you. This isn't about functionality, it's about automating
functionality. Puppet
On 05/12/2014 03:43 AM, Alexander Bokovoy wrote:
On Mon, 12 May 2014, Martin Kosek wrote:
On 05/12/2014 03:47 AM, James wrote:
On Sun, May 11, 2014 at 9:02 PM, Dmitri Pal wrote:
On 05/11/2014 06:31 PM, James wrote:
On Sun, May 11, 2014 at 3:04 PM, Dmitri Pal wrote:
This is scary.
This me
On Mon, 12 May 2014, Martin Kosek wrote:
On 05/12/2014 03:47 AM, James wrote:
On Sun, May 11, 2014 at 9:02 PM, Dmitri Pal wrote:
On 05/11/2014 06:31 PM, James wrote:
On Sun, May 11, 2014 at 3:04 PM, Dmitri Pal wrote:
This is scary.
This means that you expecting to have a hash being stored
On 05/12/2014 03:47 AM, James wrote:
> On Sun, May 11, 2014 at 9:02 PM, Dmitri Pal wrote:
>> On 05/11/2014 06:31 PM, James wrote:
>>>
>>> On Sun, May 11, 2014 at 3:04 PM, Dmitri Pal wrote:
This is scary.
This means that you expecting to have a hash being stored somewhere else
On Sun, May 11, 2014 at 9:02 PM, Dmitri Pal wrote:
> On 05/11/2014 06:31 PM, James wrote:
>>
>> On Sun, May 11, 2014 at 3:04 PM, Dmitri Pal wrote:
>>>
>>> This is scary.
>>> This means that you expecting to have a hash being stored somewhere else
>>> outside the DS.
>>
>> Haha, I agree! Actually,
On 05/11/2014 06:31 PM, James wrote:
On Sun, May 11, 2014 at 3:04 PM, Dmitri Pal wrote:
This is scary.
This means that you expecting to have a hash being stored somewhere else
outside the DS.
Haha, I agree! Actually, worse! I will have the plain text password
stored somewhere outside the DS! L
On Sun, May 11, 2014 at 3:04 PM, Dmitri Pal wrote:
>
> This is scary.
> This means that you expecting to have a hash being stored somewhere else
> outside the DS.
Haha, I agree! Actually, worse! I will have the plain text password
stored somewhere outside the DS! Let me give you more background:
On 05/11/2014 01:27 PM, James wrote:
Hi #freeipa,
I'm working on improving my puppet-ipa module...
One area I'm working on is "better password management"...
In any case, here's the problem:
I want to give the script the ability to change it. The easy way to do
this is to compare what it is cu
Hi #freeipa,
I'm working on improving my puppet-ipa module...
One area I'm working on is "better password management"...
In any case, here's the problem:
I want to give the script the ability to change it. The easy way to do
this is to compare what it is currently, to what it is set to. As I'm
a
18 matches
Mail list logo