[Freeipa-devel] [PATCH] 88 Reword description of the --passsync option of ipa-replica-manage

Jan Cholasta jcholast at redhat.com
Fri Nov 2 11:20:05 UTC 2012 

On 1.11.2012 19:25, Rob Crittenden wrote:
> Rob Crittenden wrote:
>> Jan Cholasta wrote:
>>> Hi,
>>>
>>> this patch fixes <https://fedorahosted.org/freeipa/ticket/3208>.
>>
>> There are two typos, PasSync with only 2 s's.
>>
>> I think there should be a separate section on PassSync explaining what
>> the service is and passwords are modified. There is some information on
>> this in the ticket. It doesn't need to be very long.
>>
>> rob
>
> I had something like this in mind:
>
> diff --git a/install/tools/man/ipa-replica-manage.1
> b/install/tools/man/ipa-repl
> ica-manage.1
> index b1704c0..4e4bfa9 100644
> --- a/install/tools/man/ipa-replica-manage.1
> +++ b/install/tools/man/ipa-replica-manage.1
> @@ -176,6 +176,10 @@ Create a winsync replication agreement:
>   .TP
>   Remove a winsync replication agreement:
>    # ipa\-replica\-manage disconnect windows.ad.example.com
> +.SH "PASSSYNC"
> +PassSync is a Windows service that runs on AD Domain Controllers to
> intercept password changes. It sends these password changes to the IPA
> LDAP server over TLS. These password changes bypass normal IPA password
> policy settings and the password is not set to immediately expire. This
> is because by the time IPA receives the password change it has already
> been accepted by AD so it is too late to reject it.
> +.TP
> +IPA maintains a list of DNs that are excempt from password policy. A
> special us
> er is added automatically when a winsync replication agreement is
> created. The DN of this user is added to the excemption list stored in
> passSyncManagersDNs in tne entry cn=ipa_pwd_extop,cn=plugins,cn=config.
>   .SH "EXIT STATUS"
>   0 if the command was successful
>
>

Thanks, added. Updated patch attached.

Honza

-- 
Jan Cholasta
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-jcholast-88.1-Reword-description-of-the-passsync-option-of-ipa-rep.patch
Type: text/x-patch
Size: 3209 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20121102/913bc2fb/attachment.bin>

More information about the Freeipa-devel mailing list