SSH, expired pwd, change rejected
Roman.Schoenbichler@gmail.com
Roman.Schoenbichler at gmail.com
Tue Sep 18 05:04:16 EDT 2007
Hi again!
Your AD, LDAP and Kerberos are working fine now, despite one problem.
If we change a users pwd in AD, and enable the option, that the user
has to change it at the next loggin, then ssh prompts for a new pwd.
SSH seems to use passwd to change the password, which seems to behave
quite different on each machine.
Sometimes, this works pretty well, but most of the time, the password
is rejected. The is not a matter of a bad chosen pwd.
We could link passwd to kpasswd (which works on all machines), but the
policie rules and error messages are not quite what we were looking
for.
We haven't experienced any difference between the attempts to change
the pwd, it just sometimes works and sometimes doesn't.
Has anybody a clue..?
Greets
roman
More information about the Kerberos
mailing list