[Freeipa-users] Password expiration after reset
Giulio Casella
giulio at di.unimi.it
Wed Dec 16 16:06:51 UTC 2015
Il 16/12/2015 16:07, Alexander Bokovoy ha scritto:
> On Wed, 16 Dec 2015, Giulio Casella wrote:
>> Hi guys,
>> I'm trying to populate FreeIPA (4.2.3) using API, but after user
>> creation (and password has been set) user must change password at
>> first logon. Same beahviour after a password change by admin.
>>
>> Although this behaviour is desirable in many situations, I can't
>> afford it, I've got to import tens of thousands users, and I can't
>> force them to change their password.
>> How can I bypass this password change?
>>
>> And, by the way: is there a way to disable password expiration?
> http://www.freeipa.org/page/New_Passwords_Expired
>
> If you are using API to create users and set their passwords, you can
> use technique like described here:
> https://www.redhat.com/archives/freeipa-users/2012-June/msg00360.html
>
Thank you for the info Alexander, I wasn't aware of the page
/ipa/session/change_password.
After creating a user via API in the usual way (json submission to
/ipa/session/json) I can perform a password change submitting user
credential to /ipa/session/change_password, thus resetting password
expiration accordingly to system settings.
It works like a charme.
Thank you again,
Giulio.
More information about the Freeipa-users
mailing list