Pete Rowley said: > > >> -----Original Message----- >> From: [EMAIL PROTECTED] >> [mailto:[EMAIL PROTECTED] On Behalf >> Of [EMAIL PROTECTED] >> Sent: Tuesday, June 14, 2005 11:26 AM >> To: General discussion list for the Fedora Directory server project. >> Subject: Re: [Fedora-directory-users] pam_ldap and password policy >> changed. BTW - how would pam_ldap force the user to change >> their password - can it do it itself, or would it require the >> user to log in and run passwd or something? It may not be possible. >> > > PAM has the necessary protocol for password changes during logon - in fact > PAM gets called by passwd. However, I do not know off hand whether > pam_ldap > implements those functions. >
It seems that pam_ldap is checking the password policy - I've looked at ldap.conf so many times, I've overlooked this setting: # Search the root DSE for the password policy (works # with Netscape Directory Server) pam_lookup_policy yes Now, when i login to the terminal after a password reset, the login succeeds, but a messages flashes on the screen - something about password after reset - and I'm taken back to the login prompt. Any ideas? -- Fedora-directory-users mailing list [email protected] https://www.redhat.com/mailman/listinfo/fedora-directory-users
