[Freeipa-devel] User life cycle: authentication and preserved attributes
Simo Sorce
ssorce at redhat.com
Thu Jun 19 13:41:48 UTC 2014
On Thu, 2014-06-19 at 15:32 +0200, thierry bordaz wrote:
> (those values must be active DN entries)
> userPassword/krb keys: copied from source entry if
> they
> exists
Uhmm this may actually fail, as we prevent storing pre-hashed
passwords :/
We'll have to somehow detect that krbprincipalkeys are also being added
at the same time and allow pre-hashed password in that case, I guess.
Also I realized one thing for deleted users, should we preserve password
History (should we put the last used password there) ?
Simo.
More information about the Freeipa-devel
mailing list