Bug 510532

Summary: ipa pwpolicy-mod --minlife and --maxlife do not update the password policy
Product: [Retired] freeIPA Reporter: Jenny Severance <jgalipea>
Component: ipa-admintoolsAssignee: Rob Crittenden <rcritten>
Status: CLOSED ERRATA QA Contact: Chandrasekar Kannan <ckannan>
Severity: high Docs Contact:
Priority: high    
Version: 2.0CC: benl, dpal, jgalipea
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: freeipa-2.0.0-1.fc15 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2012-03-27 07:14:56 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 431020    

Description Jenny Severance 2009-07-09 16:50:58 UTC 
Description of problem:

[root@jennyv2 ~]# ipa pwpolicy-mod --minlife=10
-------------
pwpolicy-mod:
-------------
Password policy:
  History size: 0
  Minimum number of characters classes: 0
  Minimum length: 8
  Minimum lifetime (in hours): 1
  Maximum lifetime (in days): 90
-------------------------
Modified password policy.
-------------------------

[root@jennyv2 ~]# ipa pwpolicy-mod --maxlife=100
-------------
pwpolicy-mod:
-------------
Password policy:
  History size: 0
  Minimum number of characters classes: 0
  Minimum length: 8
  Minimum lifetime (in hours): 1
  Maximum lifetime (in days): 90
-------------------------
Modified password policy.
-------------------------

--history and --minlength are working.



Version-Release number of selected component (if applicable):
v2.0

How reproducible:
always

Steps to Reproduce:
1. see above description
2.
3.
  
Actual results:
minlife and maxlife are not updated

Expected results:
modification to be successful and output similar to 

[root@jennyv2 ~]# ipa pwpolicy-mod --history=8
-------------
pwpolicy-mod:
-------------
Password policy:
  History size: 8
-------------------------
Modified password policy.
-------------------------


Additional info:
Comment 1 Pavel Zuna 2009-11-23 13:00:47 UTC 
Fixed when the plugin was ported to use baseldap.py classes.

master: b29006dd0a0f33d5a34f3ee763c6bbe32e67e63a
Comment 2 Jenny Severance 2011-06-10 19:18:06 UTC 
verified


# ipa pwpolicy-mod --minlife=24
  Group: global_policy
  Max lifetime (days): 90
  Min lifetime (hours): 24
  History size: 0
  Character classes: 0
  Min length: 8
  Max failures: 6
  Failure reset interval: 60
  Lockout duration: 600

]# ipa pwpolicy-mod --maxlife=100
  Group: global_policy
  Max lifetime (days): 100
  Min lifetime (hours): 24
  History size: 0
  Character classes: 0
  Min length: 8
  Max failures: 6
  Failure reset interval: 60
  Lockout duration: 600

# rpm -qi ipa-server | head
Name        : ipa-server                   Relocations: (not relocatable)
Version     : 2.0.0                             Vendor: Red Hat, Inc.
Release     : 23.el6                        Build Date: Wed 20 Apr 2011 09:57:13 AM EDT
Install Date: Thu 19 May 2011 12:47:52 PM EDT      Build Host: x86-003.build.bos.redhat.com
Group       : System Environment/Base       Source RPM: ipa-2.0.0-23.el6.src.rpm
Size        : 2565882                          License: GPLv3+
Signature   : RSA/8, Thu 21 Apr 2011 03:48:25 PM EDT, Key ID 199e2f91fd431d51
Packager    : Red Hat, Inc. <http://bugzilla.redhat.com/bugzilla>
URL         : http://www.freeipa.org/
Summary     : The IPA authentication server