Re: [Freeipa-devel] Consistent password hashing and lookups

2014-05-13 Thread Dmitri Pal
On 05/12/2014 10:37 PM, James wrote: On Mon, May 12, 2014 at 6:22 PM, Dmitri Pal d...@redhat.com wrote: On 05/12/2014 06:07 PM, James wrote: On Mon, 2014-05-12 at 17:56 -0400, Dmitri Pal wrote: Is there any other attribute to look at? For example the timestamp when it was last set and base

Re: [Freeipa-devel] Consistent password hashing and lookups

2014-05-13 Thread James
On Tue, May 13, 2014 at 10:36 AM, Dmitri Pal d...@redhat.com wrote: This is their problem. Why would we aid them to do wrong things and make it easier? I really miss the point. Why it is all needed? Why do you need to reset passwords in IPA through puppet? What is the use case? Give me about

Re: [Freeipa-devel] Consistent password hashing and lookups

2014-05-13 Thread Simo Sorce
- Original Message - On Mon, 2014-05-12 at 17:56 -0400, Dmitri Pal wrote: Is there any other attribute to look at? For example the timestamp when it was last set and base the update on that rather than on matching password values? There are some other solutions, but they are

Re: [Freeipa-devel] Consistent password hashing and lookups

2014-05-13 Thread Simo Sorce
- Original Message - On Mon, May 12, 2014 at 6:22 PM, Dmitri Pal d...@redhat.com wrote: On 05/12/2014 06:07 PM, James wrote: On Mon, 2014-05-12 at 17:56 -0400, Dmitri Pal wrote: Is there any other attribute to look at? For example the timestamp when it was last set and base

Re: [Freeipa-devel] Consistent password hashing and lookups

2014-05-12 Thread Martin Kosek
On 05/12/2014 03:47 AM, James wrote: On Sun, May 11, 2014 at 9:02 PM, Dmitri Pal d...@redhat.com wrote: On 05/11/2014 06:31 PM, James wrote: On Sun, May 11, 2014 at 3:04 PM, Dmitri Pal d...@redhat.com wrote: This is scary. This means that you expecting to have a hash being stored somewhere

Re: [Freeipa-devel] Consistent password hashing and lookups

2014-05-12 Thread Alexander Bokovoy
On Mon, 12 May 2014, Martin Kosek wrote: On 05/12/2014 03:47 AM, James wrote: On Sun, May 11, 2014 at 9:02 PM, Dmitri Pal d...@redhat.com wrote: On 05/11/2014 06:31 PM, James wrote: On Sun, May 11, 2014 at 3:04 PM, Dmitri Pal d...@redhat.com wrote: This is scary. This means that you

Re: [Freeipa-devel] Consistent password hashing and lookups

2014-05-12 Thread Dmitri Pal
On 05/12/2014 03:43 AM, Alexander Bokovoy wrote: On Mon, 12 May 2014, Martin Kosek wrote: On 05/12/2014 03:47 AM, James wrote: On Sun, May 11, 2014 at 9:02 PM, Dmitri Pal d...@redhat.com wrote: On 05/11/2014 06:31 PM, James wrote: On Sun, May 11, 2014 at 3:04 PM, Dmitri Pal d...@redhat.com

Re: [Freeipa-devel] Consistent password hashing and lookups

2014-05-12 Thread James
On Mon, 2014-05-12 at 16:25 -0400, Dmitri Pal wrote: Yes and this was my point too. If you have root you do not need to know the old password. You can just reset the current one to what you want. I agree with you. This isn't about functionality, it's about automating functionality. Puppet

Re: [Freeipa-devel] Consistent password hashing and lookups

2014-05-12 Thread James
On Mon, 2014-05-12 at 09:11 +0200, Martin Kosek wrote: 1) Get fbar1's b64 encoded password hash: # ldapsearch -Y EXTERNAL -H ldapi://%2fvar%2frun%2fslapd-EXAMPLE-COM.socket -b 'uid=fbar1,cn=users,cn=accounts,dc=example,dc=com' userPassword This seems to work great. I used user 'admin'. I
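The comparison James describes in the original post (decide whether to reset by checking whether the stored hash matches the desired plaintext) and the lookup step quoted above (read the base64-encoded userPassword over ldapi) can be combined offline once the LDIF is in hand. The following is an added example, not code from the thread, from puppet-ipa or from FreeIPA. It assumes the 389 Directory Server layout for salted SHA values, base64(digest(password + salt) + salt), and the unsalted {SHA} form; the sample LDIF is constructed here to mimic ldapsearch output, the salts are fixed for reproducibility, and every function name is the example's own. A scheme the code does not understand (for instance {PBKDF2_SHA256}) is reported as such rather than guessed, which is where the thread's point about falling back to a timestamp attribute applies.

```python
import base64
import hashlib
import hmac
import os
import re

# Digest per password scheme. Salted schemes use the 389-ds layout
# base64( digest(password + salt) || salt ) (assumption: standard 389-ds layout).
SCHEMES = {
    "SHA": (hashlib.sha1, False),
    "SSHA": (hashlib.sha1, True),
    "SSHA256": (hashlib.sha256, True),
    "SSHA512": (hashlib.sha512, True),
}


def parse_userpassword(ldif):
    """Pull the userPassword value out of ldapsearch LDIF text.

    ldapsearch prints 'userPassword:: <base64>' (double colon) for this
    attribute; the decoded value is the '{SCHEME}<base64>' string stored in DS.
    Returns None when the attribute is absent.
    """
    for line in ldif.splitlines():
        if line.startswith("userPassword:: "):
            return base64.b64decode(line.split(":: ", 1)[1].strip()).decode()
        if line.startswith("userPassword: "):
            return line.split(": ", 1)[1].strip()
    return None


def check_password(stored, candidate):
    """True/False if candidate matches the stored hash; None if the scheme is unknown."""
    m = re.match(r"^\{([A-Za-z0-9_]+)\}(.+)$", stored)
    if not m:
        return None
    scheme, body = m.group(1).upper(), m.group(2)
    if scheme not in SCHEMES:
        return None
    digest_fn, salted = SCHEMES[scheme]
    raw = base64.b64decode(body)
    dlen = digest_fn().digest_size
    digest = raw[:dlen]
    salt = raw[dlen:] if salted else b""
    expected = digest_fn(candidate.encode() + salt).digest()
    # Constant-time compare, so the check itself leaks nothing about the hash.
    return hmac.compare_digest(digest, expected)


def make_hash(scheme, password, salt=None):
    """Produce a '{SCHEME}<base64>' value in the same layout (used to build sample data)."""
    digest_fn, salted = SCHEMES[scheme]
    if salted:
        salt = os.urandom(8) if salt is None else salt
    else:
        salt = b""
    raw = digest_fn(password.encode() + salt).digest() + salt
    return "{%s}%s" % (scheme, base64.b64encode(raw).decode())


def reset_decision(ldif, desired):
    """What a config-management run should do: 'in-sync', 'reset' or 'unknown-scheme'."""
    stored = parse_userpassword(ldif)
    if stored is None:
        return "reset"  # nothing stored (or not readable): set it
    verdict = check_password(stored, desired)
    if verdict is None:
        return "unknown-scheme"  # cannot compare; decide on another attribute
    return "in-sync" if verdict else "reset"


# Constructed sample mimicking 'ldapsearch ... userPassword' output for one entry.
# The hash is {SSHA} of "Secret123" with the fixed salt b"saltsalt".
SAMPLE_LDIF = (
    "dn: uid=fbar1,cn=users,cn=accounts,dc=example,dc=com\n"
    "userPassword:: "
    + base64.b64encode(make_hash("SSHA", "Secret123", b"saltsalt").encode()).decode()
    + "\n"
)

if __name__ == "__main__":
    print(parse_userpassword(SAMPLE_LDIF))
    print(reset_decision(SAMPLE_LDIF, "Secret123"))
    print(reset_decision(SAMPLE_LDIF, "something-else"))
    print(reset_decision("userPassword: {PBKDF2_SHA256}AAAgAA\n", "x"))
```

In practice the LDIF would come from the ldapsearch command quoted above, run as root over the ldapi socket with SASL EXTERNAL; reading userPassword this way already requires root on the DS host, which is the point Dmitri makes about not needing the old password at all.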

Re: [Freeipa-devel] Consistent password hashing and lookups

2014-05-12 Thread Dmitri Pal
On 05/12/2014 04:28 PM, James wrote: On Mon, 2014-05-12 at 16:25 -0400, Dmitri Pal wrote: Yes and this was my point too. If you have root you do not need to know the old password. You can just reset the current one to what you want. I agree with you. This isn't about functionality, it's about

Re: [Freeipa-devel] Consistent password hashing and lookups

2014-05-12 Thread James
On Mon, 2014-05-12 at 17:56 -0400, Dmitri Pal wrote: Is there any other attribute to look at? For example the timestamp when it was last set and base the update on that rather than on matching password values? There are some other solutions, but they are less elegant or don't work

Re: [Freeipa-devel] Consistent password hashing and lookups

2014-05-12 Thread Dmitri Pal
On 05/12/2014 06:07 PM, James wrote: On Mon, 2014-05-12 at 17:56 -0400, Dmitri Pal wrote: Is there any other attribute to look at? For example the timestamp when it was last set and base the update on that rather than on matching password values? There are some other solutions, but they are

[Freeipa-devel] Consistent password hashing and lookups

2014-05-11 Thread James
Hi #freeipa, I'm working on improving my puppet-ipa module... One area I'm working on is better password management... In any case, here's the problem: I want to give the script the ability to change it. The easy way to do this is to compare what it is currently, to what it is set to. As I'm

Re: [Freeipa-devel] Consistent password hashing and lookups

2014-05-11 Thread Dmitri Pal
On 05/11/2014 01:27 PM, James wrote: Hi #freeipa, I'm working on improving my puppet-ipa module... One area I'm working on is better password management... In any case, here's the problem: I want to give the script the ability to change it. The easy way to do this is to compare what it is

Re: [Freeipa-devel] Consistent password hashing and lookups

2014-05-11 Thread James
On Sun, May 11, 2014 at 3:04 PM, Dmitri Pal d...@redhat.com wrote: This is scary. This means that you expecting to have a hash being stored somewhere else outside the DS. Haha, I agree! Actually, worse! I will have the plain text password stored somewhere outside the DS! Let me give you more

Re: [Freeipa-devel] Consistent password hashing and lookups

2014-05-11 Thread Dmitri Pal
On 05/11/2014 06:31 PM, James wrote: On Sun, May 11, 2014 at 3:04 PM, Dmitri Pal d...@redhat.com wrote: This is scary. This means that you expecting to have a hash being stored somewhere else outside the DS. Haha, I agree! Actually, worse! I will have the plain text password stored somewhere

Re: [Freeipa-devel] Consistent password hashing and lookups

2014-05-11 Thread James
On Sun, May 11, 2014 at 9:02 PM, Dmitri Pal d...@redhat.com wrote: On 05/11/2014 06:31 PM, James wrote: On Sun, May 11, 2014 at 3:04 PM, Dmitri Pal d...@redhat.com wrote: This is scary. This means that you expecting to have a hash being stored somewhere else outside the DS. Haha, I agree!