Bug 1029716

Summary: Paragraph 15.6.3 is quite misleading
Product: Red Hat Enterprise Linux 6 Reporter: Simo Sorce <ssorce>
Component: doc-Identity_Management_GuideAssignee: Deon Ballard <dlackey>
Status: CLOSED CURRENTRELEASE QA Contact: ecs-bugs
Severity: urgent Docs Contact:
Priority: urgent    
Version: 6.4CC: dpal, rcritten
Target Milestone: rcKeywords: Documentation
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2014-07-29 20:25:47 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:

Description Simo Sorce 2013-11-13 01:09:15 UTC 
Paragraph 15.6.3. "Exempting Active Directory Users from Password Synchronization" gives an incorrect explanation of what the passSyncManagersDNs attribute does.

The title make it seem like it prevents the synchronization of passwords for specific users.
The text makes it look like it exempt a user from obeying password policies.

Neither explanation is correct, this command allow any listed user to change any other user password without them needing to reset their password again.

It should be made clean that listing a user there gives this user the ability to change any other user password.
Comment 3 Dmitri Pal 2013-12-10 14:23:51 UTC 
https://fedorahosted.org/freeipa/ticket/4072
Comment 5 Deon Ballard 2014-07-29 20:22:59 UTC 
Mass closure. These bugs were live in RHEL 6.5.