IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-01-13 09:41:55 -06:00
Code Issues Packages Projects Releases Wiki Activity
4,310 Commits 11 Branches 59 Tags 60 MiB
f28ab8351f
Commit Graph

5 Commits

Author SHA1 Message Date
Simo Sorce
f28ab8351f ipa-kdb: Fix legacy password hashes generation 
We were not searching for objectclass so the test to se if a user had the
posixAccount attribute was failing and the user was not marked as ipa_user.
This in turn caused us to not synchronize legacy hashes by not trying to store
the userPassword attribute.

Fixes: https://fedorahosted.org/freeipa/ticket/1820
 2011-10-06 12:15:05 -04:00
Simo Sorce
dfc704de25 ipa-kdb: Fix expiration time calculation 
Expiration time should be enforced as per policy only for users and only when a
password change occurs, ina ll other cases we should just let kadmin decide
whther it is going to set a password expiration time or just leave it empty.

In general service tickts have strong random passwords so they do not need a
password policy or expiration at all.

https://fedorahosted.org/freeipa/ticket/1839
 2011-09-26 10:07:11 +02:00
Simo Sorce
4167ad01d7 ipa-kdb: Properly set password expiration time. 
We do the policy check so we are the only one that can calculate the new
pwd espiration time.

Fixes: https://fedorahosted.org/freeipa/ticket/1793
 2011-09-19 12:28:35 -04:00
Simo Sorce
0d048d7b49 ipa-kdb: add password policy support 
Use default policy for new principals created by kadmin
 2011-08-26 08:24:50 -04:00
Simo Sorce
452fcdccdc ipa-kdb: implement change_pwd function 2011-08-26 08:24:49 -04:00