Il 16/12/2015 16:07, Alexander Bokovoy ha scritto:
On Wed, 16 Dec 2015, Giulio Casella wrote:
Hi guys,
I'm trying to populate FreeIPA (4.2.3) using API, but after user
creation (and password has been set) user must change password at
first logon. Same beahviour after a password change by admin.

Although this behaviour is desirable in many situations, I can't
afford it, I've got to import tens of thousands users, and I can't
force them to change their password.
How can I bypass this password change?

And, by the way: is there a way to disable password expiration?

If you are using API to create users and set their passwords, you can
use technique like described here:

Thank you for the info Alexander, I wasn't aware of the page

After creating a user via API in the usual way (json submission to /ipa/session/json) I can perform a password change submitting user credential to /ipa/session/change_password, thus resetting password expiration accordingly to system settings.

It works like a charme.

Thank you again,

Manage your subscription for the Freeipa-users mailing list:
Go to for more info on the project

Reply via email to