[Freeipa-users] password resets - errors
Janelle
janellenicole80 at gmail.com
Mon Sep 28 13:56:41 UTC 2015
On 9/28/15 6:10 AM, Rob Crittenden wrote:
> Janelle wrote:
>> Hello,
>>
>> I continue to see these a lot, but only on some servers. It causes a lot
>> of confusions with my users. There must be a way to troubleshoot this
>> and find the issue. Also, there is nothing wrong with the password
>> policies. They are all set to default, and this occurs even when a
>> user's password has expired. The only thing I can say is it tends to
>> happen on more heavily loaded servers than lightly loaded ones. And
>> perhaps the most important point - the password *IS* changed successfully!
>>
>> Changing password for user expired-user.
>> Current Password:
>> New password:
>> Retype new password:
>> Password change failed. Server message: Current password's minimum life
>> has not expired
>>
>> Password not changed.
>> passwd: Authentication token manipulation error
>>
>> Thoughts? Anything?
>>
>> ~Janelle
>>
> What tool is changing the expired password?
>
> I'd be curious to see the password policy for the user, ipa
> pwpolicy-show --user=<user>
>
> Seeing the krbLastPwdChange and krbPasswordExpiration might be handy too.
>
> rob
And, please accept my apology if that was worded poorly on my reply.
Very appreciative for the help, just was trying to steer away from the
actual password policy having anything to do with it. As I re-read my
reply, I thought it might have sounded rude in the email. Not intended
to be that way.
~J
More information about the Freeipa-users
mailing list