Hello,
We have a third-party software which needs to change other user's
passwords without requiring the user to choose a new one. It is
able to do this for local users in /etc/passwd, but not for IPA
users. To try to solve this, we've to set up a special account and
given it the following attribute: "passSyncManagersDNs:
uid=$ADMIN,cn=users,cn=accounts,$DC", and that works in combination
with "ldappasswd" and/or "ipa user-mod" commands. However, it
seems to work only when performing the action on an IPA server. Is
there a way we could enable this account to perform the password on
an IPA client systems (not an IPA server)? How might we go about
that?
Many thanks,
--
| Pat Larkin <Patrick.Larkin@Sabre.com> | Texas USA |