[Freeipa-devel] [PATCH] Add new pwpolicy plugin based on baseldap classes
Dmitri Pal
dpal at redhat.com
Tue Apr 27 20:27:41 UTC 2010
Rob Crittenden wrote:
> Pavel Zůna wrote:
>> Don't mind the numbering. This is a completely independent patch.
>>
>> It adds a new pwpolicy plugin based on baseldap.py classes. It has
>> the same functionality as the current pwpolicy plugin, but a more
>> clean and consistent interface, fine grained search capabilities, etc.
>>
>> This is actually an updated version of a patch I released some time
>> ago, but it never got fully reviewed.
>>
>> Pavel
>
> The original pwpolicy module took group policy via the --group option,
> yours takes group as the first argument (if any). My thought on this
> was that at some point someone would want per-user password policy so
> we could add a --user option. If this isn't forseen as needed then
> using the first argument for group is probably easier to grok.
>
I agree with Rob's approach. We migh want to have a more granular pwd
policy in future.
> Had a failure:
> $ ./ipa pwpolicy2-mod g1 --priority=2
> ipa: ERROR: an internal error has occurred
>
> File "/home/rcrit/redhat/freeipa-ca/ipalib/plugins/pwpolicy2.py",
> line 99, in pre_callback
> del entry_attrs['cn']
> KeyError: 'cn'
>
> rob
>
> _______________________________________________
> Freeipa-devel mailing list
> Freeipa-devel at redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-devel
>
>
--
Thank you,
Dmitri Pal
Engineering Manager IPA project,
Red Hat Inc.
-------------------------------
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/
More information about the Freeipa-devel
mailing list