[Freeipa-users] password expiration
Sandor Juhasz
sjuhasz at chemaxon.com
Tue Jun 2 08:30:43 UTC 2015
It is confirmed, the password policy was changed with password expiration beyond 2038.
Question is, how can we restore the pw policy without a working admin user?
Sándor Juhász
System Administrator
ChemAxon Ltd .
Building Hx, GraphiSoft Park, Záhony utca 7, Budapest, Hungary, H-1031
Cell: +36704258964
From: "Martin Kosek" <mkosek at redhat.com>
To: "Tamas Papp" <tompos at martos.bme.hu>, freeipa-users at redhat.com
Sent: Tuesday, June 2, 2015 9:54:43 AM
Subject: Re: [Freeipa-users] password expiration
On 06/01/2015 07:50 PM, Tamas Papp wrote:
> hi All,
>
> I'm stuck:
>
>
> $ kinit admin
> Password for admin at CXCLIENTS:
> kinit: Password incorrect while getting initial credentials
> [root at ipa-clients1 ~]$ kinit admin
> Password for admin at CXCLIENTS:
> Password expired. You must change it now.
> Enter new password:
> Enter it again:
> kinit: Password has expired while getting initial credentials
>
>
>
>
> $ kinit admin
> Password for admin at CXCLIENTS:
> Password expired. You must change it now.
> Enter new password:
> Enter it again:
> Password change rejected: Current password's minimum life has not expired
>
> Password not changed.. Please try again.
>
> Enter new password:
>
>
>
>
> What can I do now?
>
>
> Thanks,
> tamas
>
Hi Tamas,
What platform and FreeIPA version do you use? What actions did you do before
this happened? Were you for example changing the (global) password policy?
Setting a too high password life may case the Year 2038 problem and have
password validity in the past.
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20150602/a0765ecf/attachment.htm>
More information about the Freeipa-users
mailing list