[Freeipa-users] slapi-nis bypass Password Policies
cbulist at gmail.com
cbulist at gmail.com
Mon Sep 23 14:20:22 UTC 2013
Hi JR,
Thanks and I'm sorry for the delay.
Your idea is good and I used something like that for other openldap
implementation but in this case I need that all my users continue using
their userid and pass in order to log in.
We use NoMachine for Remote Access and this application has problem
with password expiration or password change that is the reason why I was
thinking bypass the password policies.
Please let me know if you need any additional information about it.
Thanks!
On 09/20/2013 04:10 PM, JR Aquino wrote:
> Is your client simply using LDAP to bind and authenticate your service?
>
> If so, you may be able to create a special dedicated sysaccount in: cn=sysaccounts,cn=etc,dc=domain,dc=com
>
> This account could be used to bind your service without having it be a member of the standard users database subjected to Password Policy expirations etc.
>
> "You cannot hope to secure that which you do not first understand"
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> Jr Aquino | Sr. Information Security Specialist
> GXPN | GIAC Exploit Researcher and Advanced Penetration Tester
> GCIH | GIAC Certified Incident Handler
> GWAPT | GIAC WebApp Penetration Tester
>
> Citrix Online | 7408 Hollister Avenue | Goleta, CA 93117<x-apple-data-detectors://0/0>
> T: +1 805.690.3478<tel:+1%C2%A0805.690.3478>
> C: +1 805.717.0365<tel:+1%20805.717.0365>
> jr.aquino at citrix.com<mailto:jr.aquino at citrixonline.com>
> http://www.citrixonline.com<http://www.citrixonline.com/>
>
> On Sep 18, 2013, at 10:00 AM, cbulist at gmail.com<mailto:cbulist at gmail.com> wrote:
>
> Hi,
>
> We have a client server connected to the IPA server using NIS. It's
> working well but we have a service running at client server that doesn't
> handle the password expiration properly.
> Is it possible to bypass the Password Policies from this client server?
>
> Thanks!
>
>
> _______________________________________________
> Freeipa-users mailing list
> Freeipa-users at redhat.com<mailto:Freeipa-users at redhat.com>
> https://www.redhat.com/mailman/listinfo/freeipa-users
>
More information about the Freeipa-users
mailing list