Hi all, I am trying to roll out ipa as our central authentication system, and am running into problems with password changes on CentOS 5.
Scenario: Admin user resets a user's password. The user, on a non-IPA-managed system, logs into a CentOS 5 server (IPA-managed) via ssh. The temporary password is accepted and the user is immediately prompted to change the password, but the password change fails with the message 'System is offline, password change not possible'. $ ssh kelvin@testhost kelvin@testhost's password: Warning: Your password will expire in less than one hour. Password expired. Change your password now. Last login: Thu Feb 16 21:54:59 2012 from vpn WARNING: Your password has expired. You must change your password now and login again! Changing password for user kelvin. Current Password: New UNIX password: Retype new UNIX password: System is offline, password change not possible Warning: Your password will expire in less than one hour. Warning: Your password will expire in less than one hour. passwd: Authentication token manipulation error Connection to testhost closed. What am I missing? Can someone please help me get this working? Thanks, Kelvin _______________________________________________ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users