Hello, I have been using IPA for authentication with a RHEV environment.
Quite a while ago, I got help from this list in making it so that my users could access the WebUI with their login and passwords, no Kerberos ticket required. I also had it working that when their passwords expired, they would ssh to the IPA server as themselves, get challenged for their current password, and then the opportunity to provide a new one. The update to ipa-server 3.0.0-25.el6 means that I can no longer log into the WebUI with just a login and password (see attached screenshot) and that users who try and update expired passwords get: You must change your password now and login again! Changing password for user juwu. Current Password: New password: Retype new password: Password change failed. Server message: Password not changed. Insufficient access to perform requested operation while trying to change password. passwd: Authentication token manipulation error Connection to dns1.ecs-cloud.lab.eng.bne.redhat.com closed. Can anyone help me restore that functionality? Please? Tim Hildred, RHCE Content Author II - Engineering Content Services, Red Hat, Inc. Brisbane, Australia Email: thild...@redhat.com Internal: 8588287 Mobile: +61 4 666 25242 IRC: thildred
_______________________________________________ Freeipa-users mailing list Freeipaemail@example.com https://www.redhat.com/mailman/listinfo/freeipa-users