On 13/12/16 13:44, Ben .T.George wrote:
HI

How to disable first time password change on newly created user from web UI

Regards,
Ben



Hi Ben,
AFAIK this is not possible to do using the API.

One hacky way I can think of is modifying the krbPasswordExpiration attribute in the 389ds after creation of the user.

$ sudo ldapmodify -D "cn=Directory Manager" -w Secret123 -h $HOSTNAME << END_LDIF
dn: uid=tuser,cn=users,cn=accounts,dc=example,dc=com
changetype: modify
replace: krbPasswordExpiration
krbPasswordExpiration: $(date -u -d "@$(($(date +'%s')+(90*24*3600)))" +'%Y%m%d%H%M%S'Z)
END_LDIF

It works but I would not recommend using it in production environment.

--
David Kupka

--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Reply via email to