Hello,
We have a third-party software which needs to change other user's
passwords without requiring the user to choose a new one. It is able to
do this for local users in /etc/passwd, but not for IPA users. To try
to solve this, we've to set up a special account and given it the
following attribute: "passSyncManagersDNs:
uid=$ADMIN,cn=users,cn=accounts,$DC", and that works in combination with
"ldappasswd" and/or "ipa user-mod" commands. However, it seems to
work
only when performing the action on an IPA server. Is there a way we
could enable this account to perform the password on an IPA client
systems (not an IPA server)? How might we go about that?
Many thanks,
--
| Pat Larkin<Patrick.Larkin(a)Sabre.com> | Texas USA |