[Freeipa-devel] krbpwdpolicypreference issues
Simo Sorce
simo at redhat.com
Thu Dec 19 21:24:45 UTC 2013
I have been looking at how we deal with krbpwdpolicypreference as we
found issues with AD synced users, which get no password policy :/
I found out that we do not rely on CoS anymore for setting the attribute
(origin of this bug I would guess), but instead explicitly set the
policy on user objects.
Why is that ?
Also I still see in bootstrap-template.ldif that we create a Password
Policy object in cn=accounts in theory, but I do not have this object on
my server, what happens to it, what removes it ? Why ?
Simo.
--
Simo Sorce * Red Hat, Inc * New York
More information about the Freeipa-devel
mailing list