Michael Kang wrote:
Dear FreeIPA community,

I successfully installed FreeIPA this morning. Now I got a problem about Kerberos Authentication. New user cannot modify their password in shell.
Hi Michael:
Did you set the new user's initial password?
kinit admin
ipa passwd haha
Thanks
Jenny

I added a new user named /haha(group: ipauser)/ based on the webUI. This user is not a existed system user. Then I added a new Delegations(allow people in group ipauser can modify password for group ipauser) .

    /[mich...@freeipa Desktop]$ su - haha/
    /Password: /

    /Warning: Your password will expire in less than one hour./
    /Warning: password has expired./
    /Kerberos 5 Password: /
    /Warning: Your password will expire in less than one hour./
    /New UNIX password: /
    /Retype new UNIX password: /
    /su: incorrect password/
    /[mich...@freeipa Desktop]$ su - root/
    /Password: /
    /[r...@freeipa ~]# su - haha/
    /su: warning: cannot change directory to /home/haha: No such file
    or directory/
    /-sh-3.2$ /


Root can su - haha successfully. I think that means the Kerberos works, but new user cannot reset their password in their shell.

What should I do?

Best Regards,
Michael

--
Michael Kang(康上明学)
There is a giant asleep within every man. When the giant awakens,miracles happen.

Personal blog: http://ufusion.org - United Fusion
------------------------------------------------------------------------

_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users


--
Jenny Galipeau <jgali...@redhat.com>
Principal Software QA Engineer
Red Hat, Inc. Security Engineering

_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Reply via email to