On Thu, Mar 26, 2015 at 07:47:34PM +0530, Yogesh Sharma wrote:
> Once I manually initialize the user Ticket on IPA Server using kinit
> username, I am able to login with and without FQDN.

It's expected that IPA users are created with expired password. But SSSD
should have prompted you for a password change if you logged in the
first time you logged in with the expired password...as seen from the
krb5_child.log, it got the correct response from the KDC..

Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project

Reply via email to