Great! Btw +1 for running on IPA 3.3.3, it has much more to offer than
RHEL/CentOS 6.x one.
Martin
On 09/03/2014 06:08 PM, Zip Ly wrote:
@Martin
Ah that explains everything. We were using centos 6.5 + ipa 3.0.0
Now with a new test setup centos 7 + ipa 3.3.3, it works just as we wanted.
@Martin
Ah that explains everything. We were using centos 6.5 + ipa 3.0.0
Now with a new test setup centos 7 + ipa 3.3.3, it works just as we wanted.
Thank all for the help!
On Tue, Sep 2, 2014 at 5:19 PM, Martin Kosek mko...@redhat.com wrote:
On 09/02/2014 10:42 AM, Zip Ly wrote:
@Martin
@Martin
The second admin is my service account. I use this account to communicate
with our webapplication (it uses keytab and post/curl json to ipa). I can
add users without a problem. But when it comes to changing password, the
password is expired immediately.
I have only one password policy
On 09/02/2014 10:42 AM, Zip Ly wrote:
@Martin
The second admin is my service account. I use this account to communicate
with our webapplication (it uses keytab and post/curl json to ipa). I can
add users without a problem. But when it comes to changing password, the
password is expired
On 08/29/2014 10:21 AM, Zip Ly wrote:
@Martin
1) Yes, I did executed 8.5.3 from the wiki. Is this is reason for the
systems behaviour?
Yes.
if so why doesnt't it applies for both admins?
Because only a DN of the first admin was added. It applies only to objects
bound with this DN then.
@Martin
1) Yes, I did executed 8.5.3 from the wiki. Is this is reason for the
systems behaviour? if so why doesnt't it applies for both admins? And it
doesn't explain the 90 days, because it is not set in the tutorial. Unless
some params are left out of the wiki for some reason. I'm using windows
On 08/28/2014 04:18 PM, Zip Ly wrote:
Hi,
I'm trying to change a user password without reset.
If I use the (primary) admin to change the password then it doesn't need a
password reset, because the expire lifetime is 90 days.
This is strange. Did you by any chance added this admin's
1a) has come up before:
https://www.redhat.com/archives/freeipa-users/2014-February/msg00313.html
1b) We handled this by setting the expire lifetime to a very large value (20
years) for members of a certain group.
2) I’m not sure.
Kind regards,
Will Sheldon
+1.778-689-1244
On August 28,
On 08/28/2014 04:18 PM, Zip Ly wrote:
Hi,
I'm trying to change a user password without reset.
If I use the (primary) admin to change the password then it doesn't
need a password reset, because the expire lifetime is 90 days.
But if I create a second admin, then every password change made by the
