[Freeipa-devel] Consistent password hashing and lookups
Dmitri Pal
dpal at redhat.com
Mon May 12 21:56:05 UTC 2014
On 05/12/2014 04:28 PM, James wrote:
> On Mon, 2014-05-12 at 16:25 -0400, Dmitri Pal wrote:
>> Yes and this was my point too. If you have root you do not need to
>> know
>> the old password. You can just reset the current one to what you want.
> I agree, with you. This isn't about functionality, it's about automating
> functionality. Puppet needs to know if the stored password matches the
> password it thinks is correct. Without this it would just try and run
> "setpassword" each run.
>
> I will test Martin's command shortly :)
>
> Cheers!
>
Is there any other attribute to look at?
For example the timestamp when it was last set and base the update on
that rather than on matching password values?
--
Thank you,
Dmitri Pal
Sr. Engineering Manager IdM portfolio
Red Hat, Inc.
More information about the Freeipa-devel
mailing list