New user VS expired account
Tony Huang
supertonyhuang at gmail.com
Wed Mar 10 20:31:12 UTC 2010
Hello PAM experts,
I am having a issue where PAM is not following my LDAP password policy.
Ideally, I'd like to have new users or password reset by administrators to
be prompted to change the password upon logging in (using temporary
password). However, I do not want expired accounts to be asked to change the
password. How can I accomplish this?
In /etc/ldap.conf I have already uncommented
pam_lookup_policy yes
pam_password clear
but regardless of new or expired accounts, the login will prompt to change
the password.
HELP!
thanks!
--Tony
PS. I have a Sun Directory Server 6.3.1 as my LDAP server, and running
RedHat 5.x on many of my clients. (Solaris workstations are having
the expected behavior)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/pam-list/attachments/20100310/15066d48/attachment.htm>
More information about the Pam-list
mailing list