Jeff,

I have been able to get this to work with pam_ldap.  In fact, it works regardless of the pam_lookup_policy setting.  One thing that may be throwing you is how you are resetting the password.  According to the docs, only a password reset by the Directory Manager will force the user to change their password on the next bind attempt/login.

So before you wrack your brain over your pam/ldap configuration on the client, try logging in to the admin web interface and changing the user's password as the Directory Manager.  Then reauthenticate on the web interface as that user and see if it tells you that you need to change your password.  If it doesn't prompt you to change your password, then there is something wrong with your password policy configuration, not pam_ldap.

Brian

Jeff Falgout wrote:
Now, when I log in to the terminal after a password reset, the
login succeeds, but a message flashes on the screen -
something about password after reset - and I'm taken back to
the login prompt.

Any ideas?
      
Sounds like pam_ldap doesn't implement this properly - it should be
prompting you like passwd had been executed.  I'll dig out that source
code when I get a minute or two.


    

Is this something I should submit to Bugzilla?

Thanks.


--
Fedora-directory-users mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/fedora-directory-users
  