[Freeipa-users] 2 things,
Rob Crittenden
rcritten at redhat.com
Wed Apr 4 02:43:14 UTC 2012
Steven Jones wrote:
> 8><---------
>
> and how do I make more admin level accounts?
>
> I made one that looks identical to admin, but I cant get a login with it....
>
> 8><----------
>
> Figured it out, the problem is with forcing a password change on first use.....until you login with kinit and re-set your password you cannot login, so what really needs to happen is a dialogue box pops up asking you to change your password....or at least a pop up telling you to go elsewhere and do it, rather than silently failing.
Did you enable KrbMethodK5Passwd? The browser does not provide a
facility for changing passwords using Basic or any authentication that
I'm aware of.
As far as IPA is concerned the user provided invalid credentials, that's
all. It doesn't get the details of why. That is handled by mod_auth_kerb.
To log out of a browser using 2.1.x you need to kdestroy and kinit again
on the local system. If you've authenticated using basic auth the only
way to "log out" is to restart the browser.
rob
More information about the Freeipa-users
mailing list