Thread-topic: the joys of macintosh administration
User-agent: Microsoft-Entourage/12.1.0.080305
On 3/26/08 5:11 PM, "Jerry L. Blackmon II" <email@hidden>
wrote:
> On Mar 26, 2008, at 7:26 PM, Matt Rosenberg wrote:
>
>> Neither "Open Directory" nor "iCal Server" appear in your original post.
>
> Perhaps I was wrong in assuming that such would be a given on a Mac OS X
> Server mailing list. Though the problems I mentioned in the post aren't
> really relevant unless the client is talking to a server, I should have been
> more specific about this being a client problem with a server connection on a
> server mailing list. My bad.
>
>> BTW, I'm told this is something you can do with Open Directory users also.
>> Instead of replacing hash files, you modify the user record so that it
>> points to a different Password Server slot.
>
> Thanks for an actual answer to the question. Is that the only way this can be
> done? Because if so, I think my original point stands. Sounds like this is a
> long way around changing a user's password without actually knowing it. Would
> be simpler to just reset it and ask them to restore it the next day.
While this would be a bit more complicated to script for OD accounts than
DSLocal, it seems pretty straightforward. I think the main concern is how
you'd temporarily store the user's real slot ID, since I don't think there's
anything in the Password Server that lets you do a "reverse lookup" to see
who a slot belongs to. But either way, once you make a script the password
swap becomes a 10-second operation.
Once again, there's absolutely no use in "making a point" on this list. If
you want Apple to do something differently, file a bug report/enhancement
request.
Matt
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Macos-x-server mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/macos-x-server/email@hidden
This email sent to email@hidden
