[28421] in Kerberos
SSH, expired pwd, change rejected
daemon@ATHENA.MIT.EDU (Roman.Schoenbichler@gmail.com)
Tue Sep 18 05:15:12 2007
From: Roman.Schoenbichler@gmail.com
Date: Tue, 18 Sep 2007 02:04:16 -0700
Message-ID: <1190106256.867325.149120@d55g2000hsg.googlegroups.com>
Mime-Version: 1.0
X-Complaints-To: groups-abuse@google.com
Complaints-To: groups-abuse@google.com
To: kerberos@mit.edu
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
Hi again!
Your AD, LDAP and Kerberos are working fine now, despite one problem.
If we change a users pwd in AD, and enable the option, that the user
has to change it at the next loggin, then ssh prompts for a new pwd.
SSH seems to use passwd to change the password, which seems to behave
quite different on each machine.
Sometimes, this works pretty well, but most of the time, the password
is rejected. The is not a matter of a bad chosen pwd.
We could link passwd to kpasswd (which works on all machines), but the
policie rules and error messages are not quite what we were looking
for.
We haven't experienced any difference between the attempts to change
the pwd, it just sometimes works and sometimes doesn't.
Has anybody a clue..?
Greets
roman
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos