[
https://issues.apache.org/jira/browse/GUACAMOLE-1296?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Mike Jumper updated GUACAMOLE-1296:
-----------------------------------
Issue Type: New Feature (was: Bug)
> Add support for LDAP/AD password expiration and reset
> -----------------------------------------------------
>
> Key: GUACAMOLE-1296
> URL: https://issues.apache.org/jira/browse/GUACAMOLE-1296
> Project: Guacamole
> Issue Type: New Feature
> Components: guacamole-auth-ldap
> Affects Versions: 1.3.0
> Reporter: Gary V
> Priority: Minor
>
> Guacamole login fails when a user is required to set a new AD password after
> first login.
> When a user logs in, AD returns code 773, which implies the authorization is
> correct but a new password must be set immediately in the remote session.
> Guacamole login fails.
>
> Hint from catalina.out:
> {{Message ID : 1}}
> \{{ BindResponse}}
> \{{ Ldap Result}}
> \{{ Result code : (INVALID_CREDENTIALS) invalidCredentials}}
> \{{ Matched Dn : ''}}
> \{{ Diagnostic message : '80090308: LdapErr: DSID-0C090439, comment:
> AcceptSecurityContext error, data 773, v4563^@'}}
>
> Edit some hours later:
> I was able to workaround the problem by setting the password of the users
> account to the same default password as set in AD. Then the login succeeded,
> Windows forced the user to change password, and the user was then able to
> login with the new username/password combo.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
