Hello,
On 11/06/2013 04:43 PM, Petr Spacek wrote:
On 6.11.2013 17:34, Jan Tomasek wrote:
Hello,
please, does anybyody any idea how to implement this with 389?
According to http://tools.ietf.org/html/rfc4519#section-2.41
the userPassword attribute is multi-valued.
Did you try to add multiple values to the attribute?
Yes it works but that is hard to manage.
I need to implement mechanism for revoking certain password, identified
with some label. Like i show bellow. To implement this with mutlivalued
userPassword I have to store password somewhere else. That is not very
elegant nor safe.
My idea is this:
uid=semik,dc=neco
objectClass: inetOrgPerson
cn: Jan Tomasek
sn: Tomasek
uid: semik
userPassword: {SSHA}...
dc=12345,uid=semik,dc=neco
objectClass: appPassword
dc: 12345
password: some-generated-password1
passwordLabel: phone-email
dc=12395,uid=semik,dc=neco
objectClass: appPassword
dc: 12395
password: some-generated-password2
passwordLabel: tablet-email
dc=12399,uid=semik,dc=neco
objectClass: appPassword
dc: 12399
password: some-generated-password3
passwordLabel: phone-calendar
--
-----------------------
Jan Tomasek aka Semik
http://www.tomasek.cz/
--
389 users mailing list
389-users@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/389-users
