Hi again! Your AD, LDAP and Kerberos are working fine now, despite one problem.
If we change a users pwd in AD, and enable the option, that the user has to change it at the next loggin, then ssh prompts for a new pwd. SSH seems to use passwd to change the password, which seems to behave quite different on each machine. Sometimes, this works pretty well, but most of the time, the password is rejected. The is not a matter of a bad chosen pwd. We could link passwd to kpasswd (which works on all machines), but the policie rules and error messages are not quite what we were looking for. We haven't experienced any difference between the attempts to change the pwd, it just sometimes works and sometimes doesn't. Has anybody a clue..? Greets roman ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
