New user VS expired account

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]


Hello PAM experts,
I am having a issue where PAM is not following my LDAP password policy.
Ideally, I'd like to have new users or password reset by administrators to be prompted to change the password upon logging in (using temporary password). However, I do not want expired accounts to be asked to change the password. How can I accomplish this?
In /etc/ldap.conf I have already uncommented

pam_lookup_policy yes

pam_password clear
but regardless of new or expired accounts, the login will prompt to change the password.
PS. I have a Sun Directory Server 6.3.1 as my LDAP server, and running RedHat 5.x on many of my clients. (Solaris workstations are having the expected behavior) 
Pam-list mailing list

[Index of Archives]     [Fedora Users]     [Kernel]     [Red Hat Install]     [Linux for the blind]     [Gimp]

  Powered by Linux