[Freeipa-users] Locked out admin
Rob Crittenden
rcritten at redhat.com
Mon Apr 14 21:25:01 UTC 2014
Steven Jones wrote:
> Login a directory manager?
Right, something like:
$ ldappasswd -x -D 'cn=directory manager' -W -S
uid=admin,cn=users,cn=accounts,dc=example,dc=com
And don't set the maxlife to anything greater than say 4000.
rob
>
> regards
>
> Steven Jones
>
> Technical Specialist - Linux RHCE
>
> Victoria University ITS,
>
> Level 8 Rankin Brown Building,
>
> Wellington, NZ
>
> 6012
>
> 0064 4 463 6272
>
> ________________________________________
> From: freeipa-users-bounces at redhat.com <freeipa-users-bounces at redhat.com> on behalf of Mario Gonzalez <mario.p.gonzalez at gmail.com>
> Sent: Tuesday, 15 April 2014 9:13 a.m.
> To: freeipa-users at redhat.com
> Subject: [Freeipa-users] Locked out admin
>
> Hi,
>
> I changed the max password life parameter to 30000 and now I cannot get
> back in to undo it. If I try to do 'kinit admin' I only get a 'Password
> expired. You must change it now' dialog that ends with:
>
> kinit: Password has expired while getting initial credentials
>
> Unfortunately as this is the 'admin' account I cannot undo the damage.
>
> Is there any way to fix this or have I messed up totally?
>
> br
> mario;
>
> _______________________________________________
> Freeipa-users mailing list
> Freeipa-users at redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-users
>
>
>
> _______________________________________________
> Freeipa-users mailing list
> Freeipa-users at redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-users
>
More information about the Freeipa-users
mailing list