Re: [ovirt-users] IPA-auth: user password expired
Hi, Thank you, that's worked! Bye Tibor - Eredeti üzenet - Hi, An ldappasswd command would change it without setting as expired. It will prompt twice for the account password you'll set, and the password for the directory manager once: $ ldappasswd -ZZ -D 'cn=directory manager' -W -S uid=USERNAME,cn=users,cn=accounts,dc=example,dc=org -H ldap:// ipaserver.example.org You'll need to set the username (USERNAME) domain ( example.org ) and server FQDN accordingly. Hope this helps, On Wed, Nov 19, 2014 at 8:38 PM, Demeter Tibor tdeme...@itsmart.hu wrote: Hi, I don't have linux client. Can I change password without this? Thanks, Tibor Hi Tibor, On Wed, Nov 19, 2014 at 6:46 PM, Demeter Tibor tdeme...@itsmart.hu wrote: Hi, I have an IPA server 3.0 on centos 6.6. I successfully attached to my ovirt cluster. I can see the users on ovirt user tab, but after auth I always get this error: Cannot Login. User Password has expired. Use the following URL to change the password: (nothing) I have try out with different long passwords and different users, but it's same. Did you try accessing a regular linux client with the same account? In IPA, new user passwords are always set as expired by design - please see [1]. To test this, you can try to login a client. If it is really expired, system will ask you to provide a new password. After this, you'll be able to login RHEVM with the new password you've just set. [1] http://www.freeipa.org/page/New_Passwords_Expired Regards, -- Ekin -- Ekin Meroğlu Red Hat Certified Datacenter Specialist linuxera Özgür Yazılım Çözüm ve Hizmetleri T +90 (850) 22 LINUX GSM +90 (532) 137 77 04 ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
[ovirt-users] IPA-auth: user password expired
Hi, I have an IPA server 3.0 on centos 6.6. I successfully attached to my ovirt cluster. I can see the users on ovirt user tab, but after auth I always get this error: Cannot Login. User Password has expired. Use the following URL to change the password: (nothing) I have try out with different long passwords and different users, but it's same. Is this version compatible with ovirt 3.5? What did I wrong? Thanks in advance, Tibor ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] IPA-auth: user password expired
- Original Message - From: Demeter Tibor tdeme...@itsmart.hu To: users@ovirt.org List users@ovirt.org Sent: Wednesday, November 19, 2014 6:46:32 PM Subject: [ovirt-users] IPA-auth: user password expired Hi, I have an IPA server 3.0 on centos 6.6. I successfully attached to my ovirt cluster. I can see the users on ovirt user tab, but after auth I always get this error: Cannot Login. User Password has expired. Use the following URL to change the password: (nothing) I have try out with different long passwords and different users, but it's same. Is this version compatible with ovirt 3.5? What did I wrong? Logs will be nice /var/log/ovirt-engine/engine.log. Also testing the new ovirt-engine-extension-aaa-ldap provider from 3.5 snapshots repo will be nice[1] [1] http://gerrit.ovirt.org/gitweb?p=ovirt-engine-extension-aaa-ldap.git;a=blob;f=README;hb=HEAD ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] IPA-auth: user password expired
Hi Tibor, On Wed, Nov 19, 2014 at 6:46 PM, Demeter Tibor tdeme...@itsmart.hu wrote: Hi, I have an IPA server 3.0 on centos 6.6. I successfully attached to my ovirt cluster. I can see the users on ovirt user tab, but after auth I always get this error: Cannot Login. User Password has expired. Use the following URL to change the password: (nothing) I have try out with different long passwords and different users, but it's same. Did you try accessing a regular linux client with the same account? In IPA, new user passwords are always set as expired by design - please see [1]. To test this, you can try to login a client. If it is really expired, system will ask you to provide a new password. After this, you'll be able to login RHEVM with the new password you've just set. [1] http://www.freeipa.org/page/New_Passwords_Expired Regards, -- Ekin ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] IPA-auth: user password expired
Hi, An ldappasswd command would change it without setting as expired. It will prompt twice for the account password you'll set, and the password for the directory manager once: $ ldappasswd -ZZ -D 'cn=directory manager' -W -S uid=USERNAME,cn=users,cn=accounts,dc=example,dc=org -H ldap:// ipaserver.example.org You'll need to set the username (USERNAME) domain (example.org) and server FQDN accordingly. Hope this helps, On Wed, Nov 19, 2014 at 8:38 PM, Demeter Tibor tdeme...@itsmart.hu wrote: Hi, I don't have linux client. Can I change password without this? Thanks, Tibor -- Hi Tibor, On Wed, Nov 19, 2014 at 6:46 PM, Demeter Tibor tdeme...@itsmart.hu wrote: Hi, I have an IPA server 3.0 on centos 6.6. I successfully attached to my ovirt cluster. I can see the users on ovirt user tab, but after auth I always get this error: Cannot Login. User Password has expired. Use the following URL to change the password: (nothing) I have try out with different long passwords and different users, but it's same. Did you try accessing a regular linux client with the same account? In IPA, new user passwords are always set as expired by design - please see [1]. To test this, you can try to login a client. If it is really expired, system will ask you to provide a new password. After this, you'll be able to login RHEVM with the new password you've just set. [1] http://www.freeipa.org/page/New_Passwords_Expired Regards, -- Ekin -- Ekin Meroğlu *Red Hat Certified Datacenter Specialist* *linuxera* Özgür Yazılım Çözüm ve Hizmetleri *T* +90 (850) 22 LINUX *GSM* +90 (532) 137 77 04 ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users