[Freeipa-devel] [PATCH] 851 add password indicator
Rob Crittenden
rcritten at redhat.com
Mon Aug 22 22:26:52 UTC 2011
We used to calculate has_keytab based on whether krblastpwdchange was
set. We did this because you can't see whether a krbPrincipalKey is set.
We had a need to see whether a password was set on hosts. What I did was
create a new ACI that allows search on krbPrincpalKey and userPassword.
This means you can search for attribute existence and gives us a better
picture of what entries have.
This adds a new fake attribute, has_password. I've added has_password
and has_keytab to user objects as well so you can see whether a password
is set on a user (and may be useful during migration).
rob
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-rcrit-851-indicator.patch
Type: application/mbox
Size: 40559 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20110822/778d38ea/attachment.mbox>
More information about the Freeipa-devel
mailing list