OK, but as far as I understand we made some change, using a
commandline command which I cannot remember or find, which goes around
the password policy, or the attribute you talk about, when you add a
Can I change that globally? As we did it seems... but we were testing
so much back those days that it seems to be lost or so.
2015-02-05 13:21 GMT+01:00 Dmitri Pal <d...@redhat.com>:
> On 02/05/2015 05:54 AM, Matt . wrote:
>> In the past we have done some testsetups with password expiring after
>> we added a user, at the moment I have difficulties with this on 4.1.2
>> What I need is the following:
>> - We add a user using json/kinit
>> - The user is added in the right way
>> - tThe user should be able to use his set password by the admin (at least
>> At the moment the password is expired directly and I tried adding the
>> user with min/max lifetime to 0/0 which didn't work out. Als 0/500
>> doesn't seem to fix my issue.
>> I thought we had to do a little but more to accomplish this, but I'm
>> not able to find this (anymore)
>> Does someone have a clue how to fix this ? I'm quite sure this is
> It was always the feature of IPA to require password change on the first
> login after it was created.
> If you do not want it to be expired you need to change the expiration
> attribute of the account not min max life.
> Thank you,
> Dmitri Pal
> Sr. Engineering Manager IdM portfolio
> Red Hat, Inc.
> Manage your subscription for the Freeipa-users mailing list:
> Go To http://freeipa.org for more info on the project
Manage your subscription for the Freeipa-users mailing list:
Go To http://freeipa.org for more info on the project