[Freeipa-users] Library to change expired password
Dmitri Pal
dpal at redhat.com
Fri Oct 30 14:05:16 UTC 2009
>
> As Sumit said, the self-service page currently requires kerberos so
> you'd have to get a TGT first which means you need a valid password.
>
> This may not be too difficult to do in a web form (SSL protected, of
> course). You should be able to create a non-kerberos auth page that
> prompts for username, old and new password and a submit button. You
> could pass this onto a a simple backend that does an LDAP bind as the
> user with the old password then use ldap_passwd() to set the new
> password.
Is there anything we can leverage from what Pavel has done with non
kerberos migration page?
I know this is a completely different case under the hood but for end
user they seem pretty similar
so may be there is a way to take advantage of what Pavel already
implemented.
--
Thank you,
Dmitri Pal
Engineering Manager IPA project,
Red Hat Inc.
-------------------------------
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/
More information about the Freeipa-users
mailing list