| 1 |
Hi, |
| 2 |
|
| 3 |
Some weeks go well, some don't. For me, this one isn't. |
| 4 |
|
| 5 |
The AD at work was moaning that I needed to change the password, which I duly |
| 6 |
did under protest. Then all hell broke loose. 30 seconds later the account |
| 7 |
was locked. |
| 8 |
|
| 9 |
That turned out to be kontact checking Exchange once a minute when I thought I |
| 10 |
had unset auto checks. Phoned IT, got the account unlocked. And it happened |
| 11 |
again, this time kwallet had cached something. Fixed by manually going |
| 12 |
through everything in kwallet, changing all old passwords I found. And I got |
| 13 |
locked out a third time, which appears to be due to ldap lookups (more than |
| 14 |
one). $DEITY only knows where these are coming from, I've been doing some |
| 15 |
experimenting lately.... |
| 16 |
|
| 17 |
IT are getting a wee bit upset with me, and this happens regularly once a |
| 18 |
month but today was especially bad. Methinks I should consolidate all the |
| 19 |
many apps and URLs that auth against the domain. And I'm wondering how best |
| 20 |
to do this as I'm clueless about it actually - I normally avoid MS stuff like |
| 21 |
the plague. |
| 22 |
|
| 23 |
Should I be looking into winbind? |
| 24 |
Or configure kerberos to join the domain and have all my apps use that? |
| 25 |
Some ldap-proxy type setup? |
| 26 |
|
| 27 |
Pointers to howtos and opinions on what's worth the effort are all that I'm |
| 28 |
after today - I can read the details in the man pages myself once I have a |
| 29 |
known direction to follow. If my three ideas above sound stupid, that's |
| 30 |
because they probably are :-) |
| 31 |
|
| 32 |
-- |
| 33 |
alan dot mckinnon at gmail dot com |
Archives