(without using full kerberos) doesn't fit your needs?
That is how we pam authenticate to AD. I'm not sure
about the force password change, but I did have the
passwd command on Linux set up the password on AD
when winbind was in /etc/nsswitch.conf
_______________________________________________ Pam-list mailing list Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list