Re: Wheezy Gosa² setup

To: debian-edu@lists.debian.org
Subject: Re: Wheezy Gosa² setup
From: "Andreas B. Mundt" <andi.mundt@web.de>
Date: Tue, 22 Jan 2013 08:35:09 +0100
Message-id: <[🔎] 20130122073509.GA17391@fuzi>
Mail-followup-to: debian-edu@lists.debian.org
In-reply-to: <[🔎] 20130122054359.90814ky2h1yb1clr@mail.das-netzwerkteam.de>
References: <[🔎] 20130116205718.GA5359@schweer-online.local> <[🔎] 20130117010643.17971p25e6erh3tf@mail.das-netzwerkteam.de> <[🔎] 20130119104151.GA4390@ticino.com> <[🔎] 20130120123822.GA16810@fuzi> <[🔎] 20130120162516.GA5411@schweer-online.local> <[🔎] 20130121221737.GA7713@fuzi> <[🔎] 20130121233832.GA6800@schweer-online.local> <[🔎] 20130122054359.90814ky2h1yb1clr@mail.das-netzwerkteam.de>

Hi,

On Tue, Jan 22, 2013 at 05:43:59AM +0100, Mike Gabriel wrote:
> Hi Andi, hi Wolfgang,
>
> On Di 22 Jan 2013 00:38:32 CET Wolfgang Schweer wrote:
>
> >>In addition, I had to rewrite gosa-sync.
> >
> >gosa-sync seems to work here without any change.
>
> In Debian Edu squeeze and GOsa² 2.6 the gosa-sync script does not
> report back failures to GOsa², thus, passwords run out of sync. As
> we have several OTRS tickets open about this with our customers,
> this definitely would be an improvement for squeeze, at least. Are
> you really sure that error handling is correct with wheezy and GOsa²
> 2.7 (/me doubts it by what is written in this thread).
>
> Simple way to test gosa-sync failures: e.g. stop kadmind and try to
> modify or add a user with GOsa².
>

I just tried this test, however, even with kadmind stopped, the
password can be modified as gosa-sync operates via kadmin.local
directly on the database, I guess.

The test I used is changing to a password with just a single class of
characters, for example "12345".  GOsa allows this password, but I use
a Kerberos policy that demands 2 character classes:  This error is
reported in GOsa and the password modification canceled (also within
LDAP).

Best regards,

     Andi

Reply to:

Follow-Ups:
- Re: Wheezy Gosa² setup
  - From: "Wolfgang Schweer" <w.schweer@gmx.de>

References:
- Wheezy Gosa² setup
  - From: "Wolfgang Schweer" <w.schweer@gmx.de>
- Re: Wheezy Gosa² setup
  - From: Mike Gabriel <mike.gabriel@das-netzwerkteam.de>
- Re: Wheezy Gosa² setup
  - From: Giorgio Pioda <gfwp@ticino.com>
- Wheezy Gosa² setup
  - From: "Andreas B. Mundt" <andi.mundt@web.de>
- Re: Wheezy Gosa² setup
  - From: "Wolfgang Schweer" <w.schweer@gmx.de>
- Re: Wheezy Gosa² setup
  - From: "Andreas B. Mundt" <andi.mundt@web.de>
- Re: Wheezy Gosa² setup
  - From: "Wolfgang Schweer" <w.schweer@gmx.de>
- Re: Wheezy Gosa² setup
  - From: Mike Gabriel <mike.gabriel@das-netzwerkteam.de>

Prev by Date: Re: Wheezy Gosa² setup
Next by Date: Processing of debian-edu-install_1.702_i386.changes
Previous by thread: Re: Wheezy Gosa² setup
Next by thread: Re: Wheezy Gosa² setup
Index(es):
- Date
- Thread