On 12/03/14 22:52, Rob wrote:
Hi,I have configured an AIX 6.1 server to connect to a RHEL 6.5 IPA server. The AIX server is configured to use netgroups and all that works for existing the users. The problem is when a users password expires or when a new user is created. They cannot change their password WARNING: Your password has expired. You must change your password now and login again! Changing password for "testuser" testuser's Old password: testuser's New password: Connection to localhost closed. The problem seems to be related to not getting a kerberos ticket as kinit can be used to change the password. Logging is enabled but no logs ever get updated [logging] kdc = FILE:/var/krb5/log/krb5kdc.log admin_server = FILE:/var/krb5/log/kadmin.log kadmin_local = FILE:/var/krb5/log/kadmin_local.log default = FILE:/var/krb5/log/krb5lib.log Anybody ever come across this? Or know how to get logging working? _______________________________________________ Freeipa-users mailing list [email protected] https://www.redhat.com/mailman/listinfo/freeipa-users
* I am not familiar with AIX. Just quick tip for what we had to do on Solaris to make password changes work - as the issue sounded somewhat familiar... :) We have to set "kpasswd_protocol = SET_CHANGE" to krb5.conf when used with any "non-Solaris KDC". Perhaps you have a similar setting for AIX? *
_______________________________________________ Freeipa-users mailing list [email protected] https://www.redhat.com/mailman/listinfo/freeipa-users
