<html>
  <head>
    <meta content="text/html; charset=ISO-8859-1"
      http-equiv="Content-Type">
  </head>
  <body text="#000000" bgcolor="#FFFFFF">
    <div class="moz-cite-prefix">On 08/28/2014 04:18 PM, Zip Ly wrote:<br>
    </div>
    <blockquote
cite="mid:CAO5uCSmanpd8=M0LRwz7nJpdUO-Rqm38R_eqTfmy-wiVCMbj3A@mail.gmail.com"
      type="cite">
      <div dir="ltr">
        <div>Hi,</div>
        <div> </div>
        <div> </div>
        <div><span>I'm trying to change a user password without reset.</span></div>
        <div><span>If I use the (primary) admin to change the password
            then it doesn't need a password reset, because the
            expire lifetime is 90 days.</span></div>
        <div><span></span> </div>
        <div><span>But if I create a second admin, then every password
            change made by the second admin needs a password reset,
            because the password is expired immediately.</span></div>
        <div><span></span> </div>
        <span>
          <div><span>1a) Does anyone knows how I can change the
              policy/privilege of the second admin so every password
              change doesn't require a reset? 1b) and is it
              possible to set a different expire lifetime like zero
              for unlimited lifetime?</span></div>
        </span></div>
    </blockquote>
    <br>
    You are probably changing password for the admin himself.<br>
    Isn't there a different flow when admin changes his own password?<br>
    <br>
    <blockquote
cite="mid:CAO5uCSmanpd8=M0LRwz7nJpdUO-Rqm38R_eqTfmy-wiVCMbj3A@mail.gmail.com"
      type="cite">
      <div dir="ltr"><span>
          <div> </div>
          <div>
            <div><span>It's almost the same bugreport as <a
                  moz-do-not-send="true"
                  href="https://fedorahosted.org/freeipa/ticket/2795">https://fedorahosted.org/freeipa/ticket/2795</a>
                but the difference is there should be 2 policies: one
                for changing your own password and another for resetting
                other users password.</span></div>
             </div>
          <div> </div>
          <div>2) Are there more differences in policies between the
            first (primary) admin and the second admin you just created?</div>
          <div> </div>
          <div> </div>
          <div>Kind regards,</div>
          <div> </div>
          <div>Zip</div>
          <div>
             </div>
        </span>
        <p> </p>
      </div>
      <br>
      <fieldset class="mimeAttachmentHeader"></fieldset>
      <br>
    </blockquote>
    <br>
    <br>
    <pre class="moz-signature" cols="72">-- 
Thank you,
Dmitri Pal

Sr. Engineering Manager IdM portfolio
Red Hat, Inc.</pre>
  </body>
</html>