Bug 56725 - User krbkeycloak vs password policies
Status: NEW
Product: UCS
Classification: Unclassified
Component: Keycloak
UCS 5.0
Other Linux
P5 normal
Assigned To: UCS maintainers
Reported: 2023-10-11 16:34 CEST by Robert Heyer
Modified: 2023-10-11 16:34 CEST (History)
Description Robert Heyer univentionstaff 2023-10-11 16:34:47 CEST
The joinscript 50keycloak.inst creates the user krbkeycloak (if it does not exist) and gives it a password generated by makepasswd --chars 20. Sometimes this collides with password policies on the LDAP base, in the case that the password policy requires special characters. Is it possible to change this and use the --string parameter to generate a password with special characters for this user?

if [ -n "$user_exists" ]; then
        echo "Kerberos Service Principal already exists: $user_exists.\nSkipping user creation"
else
        krb_password="$(makepasswd --chars 20)"
        udm users/user create "$@" --ignore_exists \
                --position "cn=users,$ldap_base" \
                --set username="$spn_account_name" \
                --set lastname="keycloak" \
                --set password="$krb_password" \
                --append objectFlag=hidden || die
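
Added example (not part of the report and not Univention's joinscript code): a random draw from an alphabet that includes special characters can still contain none of them, so the sketch below generates a candidate and re-draws until every required class is present. The function names, the set of special characters and the four required classes are assumptions made for illustration; it reads /dev/urandom instead of calling makepasswd.

```shell
#!/bin/sh
# Added example; names and policy classes are assumptions, not UCS defaults.

# Special characters offered to the generator (constructed set, '-' kept last
# so tr treats it as a literal and not as a range operator).
PW_SPECIALS='!#%+,.:=?@_-'

# Return 0 only if $1 contains a lowercase letter, an uppercase letter,
# a digit and at least one non-alphanumeric character.
meets_policy() {
    case "$1" in *[[:lower:]]*) ;; *) return 1 ;; esac
    case "$1" in *[[:upper:]]*) ;; *) return 1 ;; esac
    case "$1" in *[[:digit:]]*) ;; *) return 1 ;; esac
    case "$1" in *[![:alnum:]]*) ;; *) return 1 ;; esac
    return 0
}

# Print a password of length $1 (default 20) that passes meets_policy.
# With this 74-character alphabet about 3% of 20-character draws contain no
# special character at all, which is why the result is verified and re-drawn.
gen_password() {
    gp_len="${1:-20}"
    while :; do
        # Read a bounded amount of kernel randomness and keep only the
        # allowed characters, then cut to the requested length.
        gp_pw="$(head -c 512 /dev/urandom \
            | LC_ALL=C tr -dc "A-Za-z0-9${PW_SPECIALS}" \
            | head -c "$gp_len")"
        if [ "${#gp_pw}" -eq "$gp_len" ] && meets_policy "$gp_pw"; then
            printf '%s\n' "$gp_pw"
            return 0
        fi
    done
}
```

In the excerpt above, the assignment would then read krb_password="$(gen_password 20)", with the required classes adjusted to whatever the policy on the LDAP base actually enforces.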