Jeff,

I have been able to get this to work with pam_ldap. In fact, it works regardless of the pam_lookup_policy setting.

One thing that may be throwing you is how you are resetting the password. According to the docs, only a password reset by the Directory Manager will force the user to change their password on the next bind attempt/login.

So before you wrack your brain over your pam/ldap configuration on the client, try logging in to the admin web interface and changing the user's password as the Directory Manager. Then reauthenticate on the web interface as that user and see if it tells you that you need to change your password. If it doesn't prompt you to change your password, then there is something wrong with your password policy configuration, not pam_ldap.

Brian

Jeff Falgout wrote:

Now, when I login to the terminal after a password reset, the login succeeds, but a message flashes on the screen - something about password after reset - and I'm taken back to the login prompt. Any ideas?

Sounds like pam_ldap doesn't implement this properly - it should be prompting you like passwd had been executed. I'll dig out that source code when I get a minute or two.

Is this something I should submit to Bugzilla?

Thanks.

--
Fedora-directory-users mailing list
Fedora-directory-users@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-directory-users