[Freeipa-devel] krbpwdpolicypreference issues
Simo Sorce
simo at redhat.com
Fri Dec 20 13:46:31 UTC 2013
On Fri, 2013-12-20 at 10:22 +0100, Petr Viktorin wrote:
> On 12/19/2013 10:24 PM, Simo Sorce wrote:
> > I have been looking at how we deal with krbpwdpolicypreference as we
> > found issues with AD synced users, which get no password policy :/
> >
> > I found out that we do not rely on CoS anymore for setting the attribute
> > (origin of this bug I would guess), but instead explicitly set the
> > policy on user objects.
> >
> > Why is that ?
> >
> > Also I still see in bootstrap-template.ldif that we create a Password
> > Policy object in cn=accounts in theory, but I do not have this object on
> > my server, what happens to it, what removes it ? Why ?
>
> I don't see it in any update file. Was your server installed before this
> was added (2009-10-02)?
Actually it is indeed possible, but then why there was no update file
with the change ?
Simo.
--
Simo Sorce * Red Hat, Inc * New York
More information about the Freeipa-devel
mailing list