Loading tsa/doc/accounts.creole +18 −0 Original line number Original line Diff line number Diff line Loading @@ -221,6 +221,21 @@ new password. This new password can then be used to button), and use the {{{"Change password"}}} fields to create a new LDAP button), and use the {{{"Change password"}}} fields to create a new LDAP password. password. Note that LDAP (and sudo passwords, below) changes are not instantaneous: they can take between 5 to 8 minutes to propagate to any given host. More specifically, the password files are generated on the master LDAP server every five minutes, starting at the third minute of the hour, with a cron schedule like this: 3,8,13,18,23,28,33,38,43,48,53,58 Then those files are synchronized on a more standard 5 minutes schedule to all hosts. There are also delays involved in the mail loop, of course. === Host specific passwords / sudo passwords === === Host specific passwords / sudo passwords === Your LDAP password can *not* be used to authenticate to `sudo` on Your LDAP password can *not* be used to authenticate to `sudo` on Loading Loading @@ -248,6 +263,9 @@ configured accounts on configured hosts. Consult the output of "sudo -l" if you don't know what you may do. (If you don't know, chances are -l" if you don't know what you may do. (If you don't know, chances are you don't need to nor can use sudo.) you don't need to nor can use sudo.) Do mind the delays in LDAP and sudo passwords change, mentioned in the previous section. == <a id="key-rollover">Changing/Updating your OpenPGP key</a> == == <a id="key-rollover">Changing/Updating your OpenPGP key</a> == If you are planning on migrating to a new OpenPGP key and you also want to If you are planning on migrating to a new OpenPGP key and you also want to Loading Loading
tsa/doc/accounts.creole +18 −0 Original line number Original line Diff line number Diff line Loading @@ -221,6 +221,21 @@ new password. This new password can then be used to button), and use the {{{"Change password"}}} fields to create a new LDAP button), and use the {{{"Change password"}}} fields to create a new LDAP password. password. Note that LDAP (and sudo passwords, below) changes are not instantaneous: they can take between 5 to 8 minutes to propagate to any given host. More specifically, the password files are generated on the master LDAP server every five minutes, starting at the third minute of the hour, with a cron schedule like this: 3,8,13,18,23,28,33,38,43,48,53,58 Then those files are synchronized on a more standard 5 minutes schedule to all hosts. There are also delays involved in the mail loop, of course. === Host specific passwords / sudo passwords === === Host specific passwords / sudo passwords === Your LDAP password can *not* be used to authenticate to `sudo` on Your LDAP password can *not* be used to authenticate to `sudo` on Loading Loading @@ -248,6 +263,9 @@ configured accounts on configured hosts. Consult the output of "sudo -l" if you don't know what you may do. (If you don't know, chances are -l" if you don't know what you may do. (If you don't know, chances are you don't need to nor can use sudo.) you don't need to nor can use sudo.) Do mind the delays in LDAP and sudo passwords change, mentioned in the previous section. == <a id="key-rollover">Changing/Updating your OpenPGP key</a> == == <a id="key-rollover">Changing/Updating your OpenPGP key</a> == If you are planning on migrating to a new OpenPGP key and you also want to If you are planning on migrating to a new OpenPGP key and you also want to Loading
