If I put the adm account into a user group and ssh in I can set a password,

====
[jonesst1@8kxl72s ~]$ ssh -l admjonesst1 localhost -p22
admjonesst1@localhost's password: 
Password expired. Change your password now.
Creating home directory for admjonesst1.
WARNING: Your password has expired.
You must change your password now and login again!
Changing password for user admjonesst1.
Current Password: 
New password: 
Retype new password: 
passwd: all authentication tokens updated successfully.
Connection to localhost closed.
[jonesst1@8kxl72s ~]$ ssh -l admjonesst1 localhost -p22
admjonesst1@localhost's password: 
Last login: Fri Jul 27 11:03:37 2012 from 127.0.0.1
[admjonesst1@8kxl72s ~]$ 
====

regards

Steven Jones

Technical Specialist - Linux RHCE

Victoria University, Wellington, NZ

0064 4 463 6272

________________________________________
From: freeipa-users-boun...@redhat.com [freeipa-users-boun...@redhat.com] on 
behalf of Steven Jones [steven.jo...@vuw.ac.nz]
Sent: Friday, 27 July 2012 10:48 a.m.
Cc: freeipa-users@redhat.com
Subject: [Freeipa-users] resetting an admin account.

I have tried to reset my admin password (admjonesst1) using the admin account 
toa temp password,

So I run a kinit admjonesst1 to reset it to a perm one and I get,

========
[jonesst1@8kxl72s ~]$ kinit admjonesst1
Password for admjones...@ods.vuw.ac.nz:
Password expired.  You must change it now.
Enter new password:
Enter it again:
kinit: Cannot contact any KDC for requested realm while getting initial 
credentials
[jonesst1@8kxl72s ~]$ kinit admjonesst1
Password for admjones...@ods.vuw.ac.nz:
Password expired.  You must change it now.
Enter new password:
Enter it again:
kinit: Cannot contact any KDC for requested realm while getting initial 
credentials
[jonesst1@8kxl72s ~]$
========

The krb log says,
=======
Jul 27 10:44:03 vuwunicoipam002.ods.vuw.ac.nz krb5kdc[4102](info): AS_REQ (4 
etypes {18 17 16 23}) 130.195.245.249: CLIENT KEY EXPIRED: 
admjones...@ods.vuw.ac.nz for krbtgt/ods.vuw.ac...@ods.vuw.ac.nz, Password has 
expired
Jul 27 10:44:03 vuwunicoipam002.ods.vuw.ac.nz krb5kdc[4102](info): AS_REQ (4 
etypes {18 17 16 23}) 130.195.245.249: NEEDED_PREAUTH: 
admjones...@ods.vuw.ac.nz for kadmin/chang...@ods.vuw.ac.nz, Additional 
pre-authentication required
Jul 27 10:44:11 vuwunicoipam002.ods.vuw.ac.nz krb5kdc[4102](info): AS_REQ (4 
etypes {18 17 16 23}) 130.195.245.249: ISSUE: authtime 1343342651, etypes 
{rep=18 tkt=18 ses=18}, admjones...@ods.vuw.ac.nz for 
kadmin/chang...@ods.vuw.ac.nz
Jul 27 10:44:41 vuwunicoipam002.ods.vuw.ac.nz krb5kdc[4102](info): AS_REQ (4 
etypes {18 17 16 23}) 130.195.245.249: CLIENT KEY EXPIRED: 
admjones...@ods.vuw.ac.nz for krbtgt/ods.vuw.ac...@ods.vuw.ac.nz, Password has 
expired
Jul 27 10:44:41 vuwunicoipam002.ods.vuw.ac.nz krb5kdc[4102](info): AS_REQ (4 
etypes {18 17 16 23}) 130.195.245.249: NEEDED_PREAUTH: 
admjones...@ods.vuw.ac.nz for kadmin/chang...@ods.vuw.ac.nz, Additional 
pre-authentication required
Jul 27 10:44:46 vuwunicoipam002.ods.vuw.ac.nz krb5kdc[4102](info): AS_REQ (4 
etypes {18 17 16 23}) 130.195.245.249: ISSUE: authtime 1343342686, etypes 
{rep=18 tkt=18 ses=18}, admjones...@ods.vuw.ac.nz for 
kadmin/chang...@ods.vuw.ac.nz
=======

Any idea what's going on here pls?



regards

Steven Jones

Technical Specialist - Linux RHCE

Victoria University, Wellington, NZ

0064 4 463 6272


_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users



_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Reply via email to