Univention Bugzilla – Bug 56725
User krbkeycloak vs password policies
Last modified: 2023-10-11 16:34:47 CEST
The joinscript 50keycloak.inst creates (if not exists) the user krbkeycloak and give him a password by makepassd --chars 20. Sometimes this correlates with password policies on the ldap base in the case that the password policy requires special characters. Is it possible to change this and use the --string parameter for generating a password with special characters for this user? if [ -n "$user_exists" ]; then echo "Kerberos Service Principal already exists: $user_exists.\nSkipping user creation" else krb_password="$(makepasswd --chars 20)" udm users/user create "$@" --ignore_exists \ --position "cn=users,$ldap_base" \ --set username="$spn_account_name" \ --set lastname="keycloak" \ --set password="$krb_password" \ --append objectFlag=hidden || die