[Freeipa-devel] [PATCH 0064] Do not check userPassword with 7-bit plugin
Martin Kosek
mkosek at redhat.com
Mon Jun 3 12:55:06 UTC 2013
On 06/03/2013 01:32 PM, Jan Cholasta wrote:
> Hi,
>
> On 3.6.2013 13:10, Tomas Babej wrote:
>> Hi,
>>
>> Default list of attributes that are checked with 7-bit plugin
>> for being 7-bit clean includes userPassword. Consecutively, one
>> is unable to set passwords that contain non-ascii characters.
>>
>> https://fedorahosted.org/freeipa/ticket/3640
>>
>> Tomas
>>
>
> what is the idea behind this:
>
> +replace:nsslapd-pluginarg2:userpassword::mail
>
> why not use remove instead of replace?
Because of https://fedorahosted.org/389/ticket/47370, I found - DS would crash.
In this update, I would like to operate only with this one attribute to avoid
shifting the whole nsslapd-pluginargX array if we chose to remove
nsslapd-pluginarg2.
I thought that the safest approach would be to simply replace
nsslapd-pluginarg2 with an already checked value, thus creating a safe NOOP.
But I am open to other values leading to not checking userPassword attribute +
changing nsslapd-pluginarg2 only.
Martin
More information about the Freeipa-devel
mailing list