[Freeipa-devel] Setting user password by default
Simo Sorce
simo at redhat.com
Tue Aug 16 17:19:17 UTC 2011
On Tue, 2011-08-16 at 08:55 -0400, Jenny Galipeau wrote:
>
> ----- Original Message -----
> > A user commented in IRC that the WebUI used to allow setting the
> > default
> > password when the user was added.
> >
> > WHile the simple use cae of "Add and edit" makes it easy enough to do
> > for a single user, adding users in bulk (Add and add another) gets
> > annoying if you need to really do add and edit, then update the
> > password, then got back to the list...etc.
> >
> > Should default password be on the add page?
> >
> > The CLI use case can have the user prompted for it if they so desire.
> > This means that, while it would be tough to do in bulk, doing one at a
> > time is pretty straightforward.
> >
> > I'm not sold. Does anyone want to chime in before I open a ticket.?
>
>
> I'm sold ... just like Active Directory when you add a user, you set the initial password .....
I am ok as long as we do not adopt the same braindead behavior of AD
UI :-)
A few years ago while experimenting with the dirsync control I found
they will create the user and set the password in 2 steps and if the
password fails to met complexity criteria they will "rollback" and will
delete the user just created and return you an error in the UI.
You will not see all this so if you retry 5/10 times to create a user
and every time you select a too weak password you end up
creating/deleting in a rapid cycle 5/10 times the same user (burning
SIDs and causing replications for nothing in the process).
Simo.
--
Simo Sorce * Red Hat, Inc * New York
More information about the Freeipa-devel
mailing list