5f7cd30 AD: add task to renew the machine account password if needed

10 files Authored by sbose 8 years ago, Committed by jhrozek 8 years ago,
    AD: add task to renew the machine account password if needed
    
    AD expects its clients to renew the machine account password on a
    regular basis, be default every 30 days. Even if a client does not renew
    the password it might not cause issues because AD does not enforce the
    renewal. But the password age might be used to identify unused machine
    accounts in large environments which might get disabled or deleted
    automatically.
    
    With this patch SSSD calls an external program to check the age of the
    machine account password and renew it if needed. Currently 'adcli' is
    used as external program which is able to renew the password since
    version 0.8.0.
    
    Resolves https://fedorahosted.org/sssd/ticket/1041
    
    Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
    
        
file modified
+1 -0
file modified
+33 -0
file modified
+5 -0
file modified
+7 -0
file modified
+2 -0
file modified
+1 -0
file modified
+1 -0