[Freeipa-users] passwd sync
Steven Jones
Steven.Jones at vuw.ac.nz
Wed Mar 28 19:50:30 UTC 2012
8><------
It cannot be a wildcard:
if (strcasecmp(krbcfg->passsync_mgrs[i], bindDN) == 0) {
pwdata.changetype = IPA_CHANGETYPE_DSMGR;
break;
}
but it is multivalued.
8><----------
This is over my head
8><----------
What exactly are you trying to do? Defeat password sync for
uid=*,cn=staff,cn=accounts,dc=etc ? Because I don't think passSyncManagersDNs is what you want for that, unless I'm mistaken.
8><--------
Ok, so at present when I setup a new user with a temp password in IPA and give it to the user they have to set a new one on first login to a client.
Once password(s) flow through from AD I don't want the reset password feature in IPA to be functional when a user "first" logs in.
regards
More information about the Freeipa-users
mailing list