1 |
Hi, |
2 |
|
3 |
Some weeks go well, some don't. For me, this one isn't. |
4 |
|
5 |
The AD at work was moaning that I needed to change the password, which I duly |
6 |
did under protest. Then all hell broke loose. 30 seconds later the account |
7 |
was locked. |
8 |
|
9 |
That turned out to be kontact checking Exchange once a minute when I thought I |
10 |
had unset auto checks. Phoned IT, got the account unlocked. And it happened |
11 |
again, this time kwallet had cached something. Fixed by manually going |
12 |
through everything in kwallet, changing all old passwords I found. And I got |
13 |
locked out a third time, which appears to be due to ldap lookups (more than |
14 |
one). $DEITY only knows where these are coming from, I've been doing some |
15 |
experimenting lately.... |
16 |
|
17 |
IT are getting a wee bit upset with me, and this happens regularly once a |
18 |
month but today was especially bad. Methinks I should consolidate all the |
19 |
many apps and URLs that auth against the domain. And I'm wondering how best |
20 |
to do this as I'm clueless about it actually - I normally avoid MS stuff like |
21 |
the plague. |
22 |
|
23 |
Should I be looking into winbind? |
24 |
Or configure kerberos to join the domain and have all my apps use that? |
25 |
Some ldap-proxy type setup? |
26 |
|
27 |
Pointers to howtos and opinions on what's worth the effort are all that I'm |
28 |
after today - I can read the details in the man pages myself once I have a |
29 |
known direction to follow. If my three ideas above sound stupid, that's |
30 |
because they probably are :-) |
31 |
|
32 |
-- |
33 |
alan dot mckinnon at gmail dot com |