On 11/23/2013 07:36 PM, i iordanov wrote: > Hi Juan, > > I found the setting in the file you pointed me to: > nsslapd-minssf: 0 > > I changed it to 1, but as soon as I restart the ipa service with: > systemctl restart ipa > > or reboot it reverts back to 0! Why is this happening? >
Did you change it while the server was running? If so during stop the server will probably overwrite the file. Try to change it after stopping the server: # systemctl stop dirsrv@YOUR-REALM # sed -r -i 's/^(nsslapd-minssf):.*$/\1: 1/' /etc/dirsrv/slapd-YOUR-REALM/dse.ldif # systemctl start dirsrv@YOUR-REALM In fact modifying the file is not good practice, you may prefer to do it using LDAP: # cat > fixssf.ldif <<. dn: cn=config replace: nsslapd-minssf nsslapd-minssf: 1 - . # ldapmodify -H ldap://your.ldap.server -D 'cn=Directory Manager' -x -w your_directory_manager_password -f fixssf.ldif I have just tested this in my local environment and with minssf=1 it works correctly, including the ability to search for users in the LDAP directory from the administration GUI and using those users to log in to both the administration GUI and to the user portal. -- Dirección Comercial: C/Jose Bardasano Baos, 9, Edif. Gorbea 3, planta 3ºD, 28016 Madrid, Spain Inscrita en el Reg. Mercantil de Madrid – C.I.F. B82657941 - Red Hat S.L. _______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users