On 04/15/2018 09:26 PM, TomK via FreeIPA-users wrote:
I don't know your password policy settings. But there is a
passwordMinAge. It is useful in combination with password history. If
you want to prevent a user to reuse a password, it will prevent users to
change their password 10 times in a sequence and use the first password
Not 'really' an issue but curious about the logic behind this scenario.
I get a message saying "Your password expires in 4 days." So I go to
change it for the admin user (I'm reusing the same pass) and type it
in but then get this message:
IPA Error 4203: DatabaseError
Constraint violation: Too soon to change password.
I do have a replica but no errors in the log (grep -Ei error
/var/log/ipa/* yields no results on both nodes).
So then why the message? Shouldn't it be perfectly legit to change
the pass before it's expiration? Would like to be able to change it
because in 4 days it won't be very convenient for me to do so.
Red Hat GmbH, http://www.de.redhat.com/, Registered seat: Grasbrunn,
Commercial register: Amtsgericht Muenchen, HRB 153243,
Managing Directors: Charles Cachera, Michael Cunningham, Michael O'Neill, Eric
FreeIPA-users mailing list -- email@example.com
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org