[ovirt-users] IPA-auth: user password expired

[Ekin Meroğlu]

Hi,

An ldappasswd command would change it without setting as expired. It will
prompt twice for the account password you'll set, and the password for the
directory  manager once:

$ ldappasswd -ZZ -D 'cn=directory manager' -W -S
uid=USERNAME,cn=users,cn=accounts,dc=example,dc=org -H ldap://
ipaserver.example.org

You'll need to set the username (USERNAME) domain (example.org) and server
FQDN accordingly.

Hope this helps,

On Wed, Nov 19, 2014 at 8:38 PM, Demeter Tibor <tdemeter at itsmart.hu> wrote:

> Hi,
>
> I don't have linux client.
> Can I change password without this?
>
> Thanks,
>
> Tibor
>
> ------------------------------
>
> Hi Tibor,
>
> On Wed, Nov 19, 2014 at 6:46 PM, Demeter Tibor <tdemeter at itsmart.hu>
> wrote:
>
>> Hi,
>>
>> I have an IPA server 3.0 on centos 6.6.
>> I successfully attached to my ovirt cluster.
>> I can see the users on ovirt user tab, but after auth I always get this
>> error:
>>
>> Cannot Login. User Password has expired. Use the following URL to change
>> the password: (nothing)
>>
>> I have try out with different long passwords and different users, but
>> it's same.
>>
>
> ​Did you try accessing a regular linux client with the same account? In
> IPA, new user passwords are always set as expired by design  - please see
> [1].
>
> To test this, you can try to login a client. If it is really expired,
> system will ask you to provide a new password. After this, you'll be able
> to login  RHEVM with the new password you've just set.
>
> ​[1]
> http://www.freeipa.org/page/New_Passwords_Expired​
>
> Regards,
> --
> Ekin
>
>
>


-- 
Ekin Meroğlu *Red Hat Certified Datacenter Specialist*
*linuxera* Özgür Yazılım Çözüm ve Hizmetleri
*T* +90 (850) 22 LINUX *GSM* +90 (532) 137 77 04
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ovirt.org/pipermail/users/attachments/20141119/62b290fb/attachment-0001.html>