[Freeipa-users] user-mod --rename and password
Alexander Bokovoy
abokovoy at redhat.com
Thu May 7 13:38:37 UTC 2015
On Thu, 07 May 2015, Jan Pazdziora wrote:
>
>Hello,
>
>I try to test renaming of user objects. I start with user bob and I'm
>able to kinit just fine:
>
> # echo BobPassword123 | kinit bob
> Password for bob at EXAMPLE.TEST:
> #
>
>I then rename the user:
>
> # echo Password123 | kinit admin
> Password for admin at EXAMPLE.TEST:
> # ipa user-mod --rename=bob1 bob
> ------------------------
> Modified user "bob"
> ------------------------
> User login: bob1
> First name: Robert
> Last name: Chase
> Home directory: /home/bob
> Login shell: /bin/sh
> Email address: bob at example.test
> UID: 251800001
> GID: 251800001
> Account disabled: False
> Password: True
> Member of HBAC rule: allow_wikiapp
> Kerberos keys available: True
>
>And I try to kinit with the original password and it fails:
>
> # echo BobPassword123 | kinit bob1
> Password for bob1 at EXAMPLE.TEST:
> kinit: Password incorrect while getting initial credentials
> #
>
>Then I rename the user back and the original password starts to work
>again:
>
> # echo Password123 | kinit admin
> Password for admin at EXAMPLE.TEST:
> # ipa user-mod --rename=bob bob1
> --------------------
> Modified user "bob1"
> --------------------
> User login: bob
> First name: Robert
> Last name: Chase
> Home directory: /home/bob
> Login shell: /bin/sh
> Email address: bob at example.test
> UID: 251800001
> GID: 251800001
> Account disabled: False
> Password: True
> Member of HBAC rule: allow_wikiapp
> Kerberos keys available: True
> # echo BobPassword123 | kinit bob
> Password for bob at EXAMPLE.TEST:
> #
>
>Is this expected? It's with 4.1.0.
Yes, we have a bug for this, actually, few of them:
https://fedorahosted.org/freeipa/ticket/4757
The actual issue is due to https://fedorahosted.org/freeipa/ticket/4914
--
/ Alexander Bokovoy
More information about the Freeipa-users
mailing list