On 13/12/16 13:44, Ben .T.George wrote:
HI
How to disable first time password change on newly created user from web UI
Regards,
Ben
Hi Ben,
AFAIK this is not possible to do using the API.
One hacky way I can think of is modifying the krbPasswordExpiration
attribute in the 389ds after creation of the user.
$ sudo ldapmodify -D "cn=Directory Manager" -w Secret123 -h $HOSTNAME <<
END_LDIF
dn: uid=tuser,cn=users,cn=accounts,dc=example,dc=com
changetype: modify
replace: krbPasswordExpiration
krbPasswordExpiration: $(date -u -d "@$(($(date +'%s')+(90*24*3600)))"
+'%Y%m%d%H%M%S'Z)
END_LDIF
It works but I would not recommend using it in production environment.
--
David Kupka
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project