Bug 35895 - Disable password sync via UCR
Disable password sync via UCR
Status: CLOSED FIXED
Product: UCS
Classification: Unclassified
Component: AD Connector
UCS 3.2
Other Linux
: P5 enhancement (vote)
: UCS 3.2-3-errata
Assigned To: Stefan Gohmann
Felix Botner
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2014-09-11 14:26 CEST by Stefan Gohmann
Modified: 2014-10-22 16:06 CEST (History)
1 user (show)

See Also:
What kind of report is it?: ---
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Stefan Gohmann univentionstaff 2014-09-11 14:26:52 CEST
In demo setups it helps if the AD connector can be demonstrated without the password sync service which requires an installation on AD side.

It should be possible to disable the password sync via UCR variable.
Comment 1 Stefan Gohmann univentionstaff 2014-10-15 06:50:22 CEST
UCR variable has been added: connector/ad/mapping/user/password/disabled

UCS 3.2-3: r54435
YAML: r54437
UCS 4.0-0: r54436
Comment 2 Felix Botner univentionstaff 2014-10-20 16:29:40 CEST
OK - UCS 3.2

* created users in AD, configures connector without password sync 
  -> initial sync ok
* changed password in UCS/AD 
  -> kinit with UCS password works in UCS
  -> ldapsearch on AD with AD password works
* activating password sync, works
  -> changing password in UCS, synced to AD
  -> changing password in AD, synced to UCS

OK -  UCS 4.0

OK - YAML
Comment 3 Janek Walkenhorst univentionstaff 2014-10-22 16:06:58 CEST
http://errata.univention.de/ucs/3.2/223.html