Re: [Freeipa-users] sync passwords with AD or not per user

2011-06-07 Thread Rich Megginson
On 06/07/2011 03:03 PM, Steven Jones wrote: Hi, Is it possible to set some users so they will not psswoard sync with AD while most do? Do you want the user data to sync, just not the passwords? regards ___ Freeipa-users mailing list

Re: [Freeipa-users] sync passwords with AD or not per user

2011-06-07 Thread Rich Megginson
On 06/07/2011 03:29 PM, Steven Jones wrote: Hi, I thought with freeipa 2.0 it could only sync passwords? Usually PassSync works in conjunction with Windows Sync - you first sync the users from AD to IPA, then when the AD password changes, PassSync finds the corresponding user in IPA (synced

Re: [Freeipa-users] sync passwords with AD or not per user

2011-06-07 Thread Rich Megginson
On 06/07/2011 03:36 PM, Steven Jones wrote: What sort of password control? Minimum length? Character classes? Password history checking? yes, yes and yes... regards With plain old 389, you can do all of these and more. IPA has its own password checking plugin, so it may differ slightly.

Re: [Freeipa-users] sync passwords with AD or not per user

2011-06-07 Thread Steven Jones
Hi, For most users I will want to allow the same password in AD as in freeipaso a linux or windows desktop will work with a linux or windows service.but for some specific financial servers/services I need a stricter password capability to meet our audit criteria. regards

Re: [Freeipa-users] sync passwords with AD or not per user

2011-06-07 Thread Rich Megginson
On 06/07/2011 03:41 PM, Steven Jones wrote: Hi, For most users I will want to allow the same password in AD as in freeipaso a linux or windows desktop will work with a linux or windows service.but for some specific financial servers/services I need a stricter password capability to

Re: [Freeipa-users] sync passwords with AD or not per user

2011-06-07 Thread Dmitri Pal
On 06/07/2011 05:41 PM, Steven Jones wrote: Hi, For most users I will want to allow the same password in AD as in freeipaso a linux or windows desktop will work with a linux or windows service.but for some specific financial servers/services I need a stricter password capability

Re: [Freeipa-users] sync passwords with AD or not per user

2011-06-07 Thread Steven Jones
Thanks... Some options to suggest you can create specific users in IPA and apply more restrictive password policies to them? Sounds the better way regards From: freeipa-users-boun...@redhat.com [freeipa-users-boun...@redhat.com] on behalf of

Re: [Freeipa-users] Difficulty installing freeipa

2011-06-07 Thread Stamper, Brian P. (ARC-D)[Logyx LLC]
I'm not using a VM, I'm using a workstation dedicated to just FreeIPA. It has 4GB memory. Which logs are you interested in? I've been looking through all I can find and have seen nothing relevant. -Brian [root@freeipa ~]# free total used free sharedbuffers

Re: [Freeipa-users] Difficulty installing freeipa

2011-06-07 Thread Stamper, Brian P. (ARC-D)[Logyx LLC]
The short answer is, it's not. I don't really use DNS, I rely on hosts files, particularly in this test environment. -brian From: Steven Jones [steven.jo...@vuw.ac.nz] Sent: Tuesday, June 07, 2011 4:13 PM To: Stamper, Brian P. (ARC-D)[Logyx LLC];