1029716 – Paragraph 15.6.3 is quite misleading

Bug 1029716 - Paragraph 15.6.3 is quite misleading

Summary: Paragraph 15.6.3 is quite misleading

Keywords:
Status:	CLOSED CURRENTRELEASE
Alias:	None
Product:	Red Hat Enterprise Linux 6
Classification:	Red Hat
Component:	doc-Identity_Management_Guide
Sub Component:
Version:	6.4
Hardware:	Unspecified
OS:	Unspecified
Priority:	urgent
Severity:	urgent
Target Milestone:	rc
Target Release:	---
Assignee:	Deon Ballard
QA Contact:	ecs-bugs
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2013-11-13 01:09 UTC by Simo Sorce
Modified:	2014-07-29 20:25 UTC (History)
CC List:	2 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2014-07-29 20:25:47 UTC
Target Upstream Version:

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Description Simo Sorce 2013-11-13 01:09:15 UTC

Paragraph 15.6.3. "Exempting Active Directory Users from Password Synchronization" gives an incorrect explanation of what the passSyncManagersDNs attribute does.

The title make it seem like it prevents the synchronization of passwords for specific users.
The text makes it look like it exempt a user from obeying password policies.

Neither explanation is correct, this command allow any listed user to change any other user password without them needing to reset their password again.

It should be made clean that listing a user there gives this user the ability to change any other user password.

Comment 3 Dmitri Pal 2013-12-10 14:23:51 UTC

https://fedorahosted.org/freeipa/ticket/4072

Comment 5 Deon Ballard 2014-07-29 20:22:59 UTC

Mass closure. These bugs were live in RHEL 6.5.

Note You need to log in before you can comment on or make changes to this bug.