On Thu, 27 Jan 2011 19:20:02 -0500
James Roman james.ro...@ssaihq.com wrote:
On 1/27/11 12:58 PM, Simo Sorce wrote:
On Wed, 2011-01-26 at 13:59 -0500, James Roman wrote:
So it looks like the replication password issue was a red herring
as far as the kerberos is concerned. I issued the
On 1/28/11 8:28 AM, Simo Sorce wrote:
On Thu, 27 Jan 2011 19:20:02 -0500
James Romanjames.ro...@ssaihq.com wrote:
On 1/27/11 12:58 PM, Simo Sorce wrote:
On Wed, 2011-01-26 at 13:59 -0500, James Roman wrote:
So it looks like the replication password issue was a red herring
as far as the
On Fri, 28 Jan 2011 09:20:37 -0500
James Roman james.ro...@ssaihq.com wrote:
OK. Now I feel like an idiot. I swear that was the first thing I
checked. It seems the password policy on this server was set at the
base, instead of cn=users. We have a script that reports on expiring
accounts in
On 01/28/2011 10:39 AM, Simo Sorce wrote:
Rirst of all.
I am glad this was resolved, it looked puzzling indeed.
I just want to note that we do not support using the DS password policy
in ipa as we already have the kerberos pw policy, that's why the uid=kdc
was not protected against it.
In v2
On Fri, 28 Jan 2011 17:39:14 -0500
James Roman james.ro...@ssaihq.com wrote:
On 01/28/2011 10:39 AM, Simo Sorce wrote:
Rirst of all.
I am glad this was resolved, it looked puzzling indeed.
I just want to note that we do not support using the DS password
policy in ipa as we already