[Freeipa-users] Password expiration dates are different when being resetted by the (primary) admin and a different admin
Dmitri Pal
dpal at redhat.com
Thu Aug 28 16:18:45 UTC 2014
On 08/28/2014 04:18 PM, Zip Ly wrote:
> Hi,
> I'm trying to change a user password without reset.
> If I use the (primary) admin to change the password then it doesn't
> need a password reset, because the expire lifetime is 90 days.
> But if I create a second admin, then every password change made by the
> second admin needs a password reset, because the password is expired
> immediately.
> 1a) Does anyone knows how I can change the policy/privilege of the
> second admin so every password change doesn't require a reset?
> 1b) and is it possible to set a different expire lifetime like zero
> for unlimited lifetime?
You are probably changing password for the admin himself.
Isn't there a different flow when admin changes his own password?
> It's almost the same bugreport as
> https://fedorahosted.org/freeipa/ticket/2795 but the difference is
> there should be 2 policies: one for changing your own password and
> another for resetting other users password.
> 2) Are there more differences in policies between the first (primary)
> admin and the second admin you just created?
> Kind regards,
> Zip
>
>
>
--
Thank you,
Dmitri Pal
Sr. Engineering Manager IdM portfolio
Red Hat, Inc.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20140828/322474a1/attachment.htm>
More information about the Freeipa-users
mailing list