Hi! I have FreeIPA 4.0.1 with an trust to AD to Windows 2012. The Linux clients have sssd 1.11.6 and use the ipa provider for authentication (part of client sssd.conf):
id_provider = ipa auth_provider = ipa access_provider = ipa ipa_hostname = linux1.linux.intern chpass_provider = ipa I found out, the password policy for complexity etc. is retrieved from the group policy in AD, but is there also a way to retrieve the password policy from FreeIPA? All the other parts such as sudo rules and HBAC work when i assign the FreeIPA posix group which includes the external group from AD, but not the password policy. Is there also some documentation about password policy with AD trust (i was browsing documents from http://www.freeipa.org/page/Trusts but did not find anything)? Thanks! Gregor -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go To http://freeipa.org for more info on the project
