Red Hat Bugzilla – Bug 1029716
Paragraph 15.6.3 is quite misleading
Last modified: 2014-07-29 16:25:47 EDT
Paragraph 15.6.3. "Exempting Active Directory Users from Password Synchronization" gives an incorrect explanation of what the passSyncManagersDNs attribute does.
The title make it seem like it prevents the synchronization of passwords for specific users.
The text makes it look like it exempt a user from obeying password policies.
Neither explanation is correct, this command allow any listed user to change any other user password without them needing to reset their password again.
It should be made clean that listing a user there gives this user the ability to change any other user password.
Mass closure. These bugs were live in RHEL 6.5.