Hello All. I’ve searched the archives of this mailing list looking for an answer for this one, but all I found lead me nowhere. ☹ Closest thread to help me was: https://www.redhat.com/archives/freeipa-users/2014-March/msg00153.html
Has anyone figured out a way to have expired password changes work on AIX clients? I have tried adding “kpasswd_protocol = SET_CHANGE” as well as “kpasswd_protocol = RPCSEC_GSS” to the [realms] section but none of them worked. Here is the output from an ssh test session for user “teste” on a AIX 7.1 machine: -bash-4.2$ ssh teste@localhost ################################################################################ # NICE MOTD ################################################################################ teste@localhost's password: [KRB5]: 3004-332 Your password has expired. 3004-333 A password change is required. [KRB5]: 3004-332 Your password has expired. ******************************************************************************* * * * * * Welcome to AIX Version 7.1! * * * * * * Please see the README file in /usr/lpp/bos for information pertinent to * * this release of the AIX Operating System. * * * * * ******************************************************************************* ################################################################################ # NICE MOTD ################################################################################ WARNING: Your password has expired. You must change your password now and login again! Changing password for "teste" teste's Old password: teste's New password: Enter the new password again: 3004-604 Your entry does not match the old password. Connection to localhost closed. -bash-4.2$ Atenciosamente/Best Regards __________________________________________ Luiz Fernando Vianna da Silva ITM-I - Operação Cielo +55 (11) 3626-7126 luiz.via...@tivit.com.br<mailto:luiz.via...@tivit.com.br> T I V I T Av. Maria Coelho Aguiar, 215 - Bloco D - 5˚ Andar São Paulo - SP - CEP 05804-900 www.tivit.com.br<http://www.tivit.com.br/> Esta mensagem, incluindo seus anexos, tem caráter confidencial e seu conteúdo é restrito ao destinatário da mensagem. Caso você a tenha recebido por engano, queira, por favor, retorná-la ao destinatário e apagá-la de seus arquivos. Qualquer uso não autorizado, replicação ou disseminação desta mensagem ou parte dela é expressamente proibido. A TIVIT não se responsabilizará pelo conteúdo ou pela veracidade desta informação.
-- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project