Marc Schlinger wrote:
Le 30/09/2010 18:30, Simo Sorce a écrit :
You can use ldappasswd too, either with GSSAPI auth or eventually even
with plaintext auth (require using SSL) in that case though you will
neeed to know the user DN.
So if a user logs in when his password is expired, will pam_ldap in the
pam password step do the trick ?
I still wonder how ldappasswd can change the kerberos password.
We keep passwords in sync regardless of the mechanism used to change it.
Freeipa-users mailing list