Jenny Galipeau wrote:
Michael Kang wrote:
Dear FreeIPA community,
I successfully installed FreeIPA this morning. Now I got a problem
about Kerberos Authentication. New user cannot modify their password
in shell.
Hi Michael:
Did you set the new user's initial password?
kinit admin
ipa passwd haha
Thanks
Jenny
Also kinit as haha, because haha will be asked to change the password on
first authentication.
Thanks
Jenny
I added a new user named /haha(group: ipauser)/ based on the webUI.
This user is not a existed system user. Then I added a new
Delegations(allow people in group ipauser can modify password for
group ipauser) .
/[mich...@freeipa Desktop]$ su - haha/
/Password: /
/Warning: Your password will expire in less than one hour./
/Warning: password has expired./
/Kerberos 5 Password: /
/Warning: Your password will expire in less than one hour./
/New UNIX password: /
/Retype new UNIX password: /
/su: incorrect password/
/[mich...@freeipa Desktop]$ su - root/
/Password: /
/[r...@freeipa ~]# su - haha/
/su: warning: cannot change directory to /home/haha: No such file
or directory/
/-sh-3.2$ /
Root can su - haha successfully. I think that means the Kerberos
works, but new user cannot reset their password in their shell.
What should I do?
Best Regards,
Michael
--
Michael Kang(康上明学)
There is a giant asleep within every man. When the giant
awakens,miracles happen.
Personal blog: http://ufusion.org - United Fusion
------------------------------------------------------------------------
_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users
--
Jenny Galipeau <jgali...@redhat.com>
Principal Software QA Engineer
Red Hat, Inc. Security Engineering
_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users
