------=_Part_6830391_1351976731.1416471066743
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
Hi,=20
Thank you, that's worked!=20
Bye=20
Tibor=20
----- Eredeti =C3=BCzenet -----
Hi,
An ldappasswd command would change it without setting as expired. It
will
prompt twice for the account password you'll set, and the password for th=
e
directory manager once:
$ ldappasswd -ZZ -D 'cn=3Ddirectory manager' -W -S
uid=3DUSERNAME,cn=3Dusers,cn=3Daccounts,dc=3Dexample,dc=3Dorg -H ldap://
ipaserver.example.org
You'll need to set the username (USERNAME) domain (
example.org )
and ser=
ver
FQDN accordingly.
Hope this helps,
On Wed, Nov 19, 2014 at 8:38 PM, Demeter Tibor <
tdemeter(a)itsmart.hu > wr=
ote:
>
Hi,
>=20
> I don't have linux client.
=20
> Can I change password without this?
=20
> Thanks,
=20
> Tibor
=20
> > Hi Tibor,
>=20
=20
> > On Wed, Nov 19, 2014 at 6:46 PM, Demeter Tibor <
tdemeter(a)itsmart.hu =
> > wrote:
>=20
=20
> > >
Hi,
> > >=20
>=20
=20
> > > I have an IPA server 3.0 on centos 6.6.
> >=20
>=20
=20
> > > I successfully attached to my ovirt cluster.
> >=20
>=20
=20
> > > I can see the users on ovirt user tab, but after auth I always get =
this
> > > error:
> >=20
>=20
=20
> > > Cannot Login. User Password has expired. Use the
following URL to
> > > change
> > > the
> > > password: (nothing)
> >=20
>=20
=20
> > > I have try out with different long passwords and
different users, b=
ut
> > > it's
> > > same.
> >=20
>=20
=20
> > =E2=80=8BDid you try accessing a regular linux client with
the same a=
ccount? In
> > IPA,
> > new user passwords are always set as expired by design - please see [=
1].
>=20
=20
> > > To test this, you can try to login a client. If it is really expired,
> > > system
> > > will ask you to provide a new password. After this, you'll be able to
> > > login
> > > RHEVM with the new password you've just set.
>=20
=20
> > > =E2=80=8B[1]
>=20
=20
> > >
http://www.freeipa.org/page/New_Passwords_Expired =E2=80=8B
>=20
=20
> > > Regards,
>=20
=20
> > > --
>=20
=20
> > > Ekin
>=20
=20
--
Ekin Mero=C4=9Flu Red Hat Certified Datacenter Specialist
linuxera =C3=96zg=C3=BCr Yaz=C4=B1l=C4=B1m =C3=87=C3=B6z=C3=BCm ve Hizmet=
leri
T +90 (850) 22 LINUX GSM +90 (532) 137 77 04
------=_Part_6830391_1351976731.1416471066743
Content-Type: text/html; charset=utf-8
Content-Transfer-Encoding: quoted-printable
<html><body><div style=3D"font-family: times new roman, new york,
times, se=
rif; font-size: 12pt; color:
#000000"><div>Hi,</div><div><br></div><div>Tha=
nk you, that's
worked!</div><div><br></div><div>Bye</div><div><br></div><di=
v>Tibor</div><div><br></div><div><br></div><hr
id=3D"zwchr"><blockquote sty=
le=3D"border-left:2px solid #1010FF;margin-left:5px;padding-left:5px;color:=
#000;font-weight:normal;font-style:normal;text-decoration:none;font-family:=
Helvetica,Arial,sans-serif;font-size:12pt;"><div
dir=3D"ltr"><div class=3D"=
gmail_default"
style=3D"font-family:tahoma,sans-serif;font-size:small">Hi,<=
/div><div class=3D"gmail_default"
style=3D"font-family:tahoma,sans-serif;fo=
nt-size:small"><br></div><div class=3D"gmail_default"
style=3D"font-family:=
tahoma,sans-serif;font-size:small">An ldappasswd command would change it wi=
thout setting as expired. It will prompt twice for the account password you=
'll set, and the password for the directory manager once:</div><div
c=
lass=3D"gmail_default"
style=3D"font-family:tahoma,sans-serif;font-size:sma=
ll"><br></div><div class=3D"gmail_default"
style=3D""><span face=3D"monospa=
ce" data-mce-style=3D"font-family: monospace;" style=3D"font-family:
monosp=
ace;">$ ldappasswd -ZZ -D 'cn=3Ddirectory manager' -W -S
uid=3DUSERNAME,cn=
=3Dusers,cn=3Daccounts,dc=3Dexample,dc=3Dorg -H ldap://<a href=3D"http://ip=
aserver.example.org"
target=3D"_blank">ipaserver.example.org</a></span><br>=
</div><div class=3D"gmail_default" style=3D""><span
face=3D"tahoma, sans-se=
rif" data-mce-style=3D"font-family: tahoma, sans-serif;"
style=3D"font-fami=
ly: tahoma, sans-serif;"><br></span></div><div
class=3D"gmail_default" styl=
e=3D""><span face=3D"tahoma, sans-serif"
data-mce-style=3D"font-family: tah=
oma, sans-serif;" style=3D"font-family: tahoma, sans-serif;">You'll
need to=
set the username (USERNAME) domain (<a href=3D"http://example.org" target=
=3D"_blank">example.org</a>) and server FQDN
accordingly.</span></div><div =
class=3D"gmail_default" style=3D""><span face=3D"tahoma,
sans-serif" data-m=
ce-style=3D"font-family: tahoma, sans-serif;" style=3D"font-family:
tahoma,=
sans-serif;"><br></span></div><div
class=3D"gmail_default" style=3D""><spa=
n face=3D"tahoma, sans-serif" data-mce-style=3D"font-family: tahoma,
sans-s=
erif;" style=3D"font-family: tahoma, sans-serif;">Hope this
helps,</span></=
div></div><div class=3D"gmail_extra"><br><div
class=3D"gmail_quote">On Wed,=
Nov 19, 2014 at 8:38 PM, Demeter Tibor <span dir=3D"ltr"><<a
href=3D"ma=
ilto:tdemeter@itsmart.hu"
target=3D"_blank">tdemeter(a)itsmart.hu</a>&gt;</sp=
an> wrote:<br><blockquote class=3D"gmail_quote"
style=3D"margin:0 0 0 .8ex;=
border-left:1px #ccc solid;padding-left:1ex"><div><div
style=3D"font-family=
:times new roman,new
york,times,serif;font-size:12pt;color:#000000"><div>Hi=
,<br></div><div><br></div><div>I don't have linux
client.</div><div>Can I c=
hange password without
this?</div><div><br></div><div>Thanks,</div><div><br=
Tibor</div><div><br></div><hr><div><div
class=3D"h5"><blockquote style=3D"=
border-left:2px solid
#1010ff;margin-left:5px;padding-left:5px;color:#000;f=
ont-weight:normal;font-style:normal;text-decoration:none;font-family:Helvet=
ica,Arial,sans-serif;font-size:12pt"><div dir=3D"ltr"><div
class=3D"gmail_d=
efault" style=3D"font-family:tahoma,sans-serif;font-size:small">Hi
Tibor,</=
div><div class=3D"gmail_extra"><br><div
class=3D"gmail_quote">On Wed, Nov 1=
9, 2014 at 6:46 PM, Demeter Tibor <span dir=3D"ltr"><<a
href=3D"mailto:t=
demeter(a)itsmart.hu"
target=3D"_blank">tdemeter(a)itsmart.hu</a>&gt;</span> wr=
ote:<br><blockquote class=3D"gmail_quote" style=3D"margin:0px 0px
0px 0.8ex=
;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style=
:solid;padding-left:1ex"><div style=3D"font-family:'times new
roman','new y=
ork',times,serif;font-size:12pt;color:rgb(0,0,0)"><div>Hi,</div><div><br></=
div><div>I have an IPA server 3.0 on centos 6.6.</div><div>I
successfully a=
ttached to my ovirt cluster. </div><div>I can see the users on ovirt
u=
ser tab, but after auth I always get this
error:</div><div><span><br></span=
</div><div><span>Cannot Login. User Password has
expired. Use the followin=
g URL to change the password:
(nothing)</span></div><div><span><br></span><=
/div><div><span>I have try out with different long passwords and different
=
users, but it's
same.</span></div></div></blockquote><div><br></div><div><d=
iv class=3D"gmail_default"
style=3D"font-family:tahoma,sans-serif;font-size=
:small;display:inline">=E2=80=8BDid you try accessing a regular linux clien=
t with the same account? In IPA, new user passwords are always set as expir=
ed by design - please see
[1]. </div></div><div><div class=3D"gm=
ail_default" style=3D"font-family:tahoma,sans-serif;font-size:small;display=
:inline"><br></div></div><div><div
class=3D"gmail_default" style=3D"font-fa=
mily:tahoma,sans-serif;font-size:small;display:inline">To test this, you ca=
n try to login a client. If it is really expired, system will ask you to pr=
ovide a new password. After this, you'll be able to login RHEVM with =
the new password you've just
set.</div></div><div><br></div><div class=3D"g=
mail_default"
style=3D"font-family:tahoma,sans-serif;font-size:small">=E2=
=80=8B[1] </div><div class=3D"gmail_default"
style=3D"font-family:taho=
ma,sans-serif;font-size:small"><a
href=3D"http://www.freeipa.org/page/New_P=
asswords_Expired"
target=3D"_blank">http://www.freeipa.org/page/New_Passwor=
ds_Expired</a>=E2=80=8B</div><div class=3D"gmail_default"
style=3D"font-fam=
ily:tahoma,sans-serif;font-size:small"><br></div><div
class=3D"gmail_defaul=
t"
style=3D"font-family:tahoma,sans-serif;font-size:small">Regards,</div><d=
iv class=3D"gmail_default"
style=3D"font-family:tahoma,sans-serif;font-size=
:small">--</div><div class=3D"gmail_default"
style=3D"font-family:tahoma,sa=
ns-serif;font-size:small">Ekin</div></div>
</div></div>
</blockquote><div><br></div></div></div></div></div></blockquote></div><br>=
<br clear=3D"all"><div><br></div>-- <br><div
class=3D"gmail_signature"><div=
dir=3D"ltr"><span><span face=3D"tahoma, sans-serif"
data-mce-style=3D"font=
-family: tahoma, sans-serif;" style=3D"font-family: tahoma,
sans-serif;">Ek=
in Mero=C4=9Flu </span><span face=3D"tahoma, sans-serif"
data-mce-style=3D"=
font-family: tahoma, sans-serif;" style=3D"font-family: tahoma, sans-serif;=
"><i>Red Hat Certified Datacenter
Specialist</i><br><b>linuxera</b> =C3=96z=
g=C3=BCr Yaz=C4=B1l=C4=B1m =C3=87=C3=B6z=C3=BCm ve
Hizmetleri<br><b>T</b> +=
90 (850) 22 LINUX <b>GSM</b> +90 (532) 137 77
04</span></span></div></div>
</div>
</blockquote><div><br></div></div></body></html>
------=_Part_6830391_1351976731.1416471066743--