[Freeipa-devel] [freeipa PR#621][comment] Add --password-expiration to allow an admin to force a password change

URL: https://github.com/freeipa/freeipa/pull/621 Title: #621: Add --password-expiration to allow an admin to force a password change MartinBasti commented: """ master: * 274b0bcf5ff2408739d94ba1b1b4bca69f310dfc Add --password-expiration to allow admin to force user password expiration """

[Freeipa-devel] [freeipa PR#621][comment] Add --password-expiration to allow an admin to force a password change

URL: https://github.com/freeipa/freeipa/pull/621 Title: #621: Add --password-expiration to allow an admin to force a password change HonzaCholasta commented: """ Works for me. Thanks! """ See the full comment at https://github.com/freeipa/freeipa/pull/621#issuecomment-290635083 -- Manage you

[Freeipa-devel] [freeipa PR#621][comment] Add --password-expiration to allow an admin to force a password change

URL: https://github.com/freeipa/freeipa/pull/621 Title: #621: Add --password-expiration to allow an admin to force a password change redhatrises commented: """ @HonzaCholasta I also removed `krbPasswordExpiration` from the "Admin can manage any entry" ACI. """ See the full comment at https:/

[Freeipa-devel] [freeipa PR#621][comment] Add --password-expiration to allow an admin to force a password change

URL: https://github.com/freeipa/freeipa/pull/621 Title: #621: Add --password-expiration to allow an admin to force a password change HonzaCholasta commented: """ @redhatrises, the "Admin can manage any entry" ACI in fact contains a blacklist of attributes which admins aren't allowed to write.

[Freeipa-devel] [freeipa PR#621][comment] Add --password-expiration to allow an admin to force a password change

URL: https://github.com/freeipa/freeipa/pull/621 Title: #621: Add --password-expiration to allow an admin to force a password change redhatrises commented: """ @HonzaCholasta updated "Admins can write passwords" ACI to contain 'krbPasswordExpiration' as the "Admin can manage any entry" ACI alr

[Freeipa-devel] [freeipa PR#621][comment] Add --password-expiration to allow an admin to force a password change

URL: https://github.com/freeipa/freeipa/pull/621 Title: #621: Add --password-expiration to allow an admin to force a password change HonzaCholasta commented: """ The `admin` user is not allowed to write to the attribute: ``` $ kinit admin Password for ad...@abc.idm.lab.eng.brq.redhat.com: $ ip

[Freeipa-devel] [freeipa PR#621][comment] Add --password-expiration to allow an admin to force a password change

URL: https://github.com/freeipa/freeipa/pull/621 Title: #621: Add --password-expiration to allow an admin to force a password change redhatrises commented: """ > @redhatrises, datetime.utcnow() is what I meant. Oh good. Ready for your review. """ See the full comment at https://github.com/fr

[Freeipa-devel] [freeipa PR#621][comment] Add --password-expiration to allow an admin to force a password change

URL: https://github.com/freeipa/freeipa/pull/621 Title: #621: Add --password-expiration to allow an admin to force a password change HonzaCholasta commented: """ @redhatrises, `datetime.utcnow()` is what I meant. """ See the full comment at https://github.com/freeipa/freeipa/pull/621#issuecom

[Freeipa-devel] [freeipa PR#621][comment] Add --password-expiration to allow an admin to force a password change

URL: https://github.com/freeipa/freeipa/pull/621 Title: #621: Add --password-expiration to allow an admin to force a password change redhatrises commented: """ @HonzaCholasta used `datetime.utcnow()` as I couldn't find a reference for `datetime.utctime()` """ See the full comment at https://