[Freeipa-users] About ipa passwd and kpasswd
bahan w
bahanw042014 at gmail.com
Thu Feb 18 15:46:58 UTC 2016
Hello everyone.
I send you this mail because I have sometimes a problem when using ipa
passwd to generate a One Time Password and then using kpasswd to set a
strong random password using a password policy.
When I perform the ipa passwd command and just after the kpasswd command, I
got an error message.
Here is the command (I have an admin TGT) :
echo "onetimepwd\nonetimepwd\n" | ipa passwd <user>; echo
"onetimepwd\n<definitivepassword>\n<definitivepassword>\n" | kpasswd <user>
And here is the result :
###
----------------------------------------------
Changed password for "<user>@<realm>"
----------------------------------------------
Password for <user>@<realm>:
kpasswd: Preauthentication failed getting initial ticket
###
When I perform a sleep 5, then the sucession of these commands complete
successfully.
I tried to sleep 1s or 2s, but sometimes I got the error message, and
sometimes not.
So I extended the sleep duration to 5s.
I was wondering if it was normal behaviour from ipa-server/client 3.0.0-47 ?
If yes, do you know what the minimum duration in seconds that I have to
wait after setting a one time password before setting a more definitive
password (a password respecting the password policy) ?
Best regards.
Bahan
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20160218/69106165/attachment.htm>
More information about the Freeipa-users
mailing list