New user VS expired account

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hello PAM experts,
 
I am having a issue where PAM is not following my LDAP password policy.
Ideally, I'd like to have new users or password reset by administrators to be prompted to change the password upon logging in (using temporary password). However, I do not want expired accounts to be asked to change the password. How can I accomplish this?
In /etc/ldap.conf I have already uncommented
 

pam_lookup_policy yes

pam_password clear
 
but regardless of new or expired accounts, the login will prompt to change the password.
HELP!
 
thanks!
 
 
--Tony
 
PS. I have a Sun Directory Server 6.3.1 as my LDAP server, and running RedHat 5.x on many of my clients. (Solaris workstations are having the expected behavior) 
 
_______________________________________________
Pam-list mailing list
Pam-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/pam-list

[Index of Archives]     [Fedora Users]     [Kernel]     [Red Hat Install]     [Linux for the blind]     [Gimp]

  Powered by Linux