Red Hat Bugzilla – Bug 432865
unable to handle enforced password changes
Last modified: 2014-06-02 09:07:02 EDT
Description of problem:
krb5-auth-dialog seems unable to handle enforced password changes. This comes up
in relation to new users in ipa server.
I had previously had vnc setup with the 'testing' account on the IPA server I'm
currently testing on, and had kinit shillman there for testing the UI with a
I then proceeded to uninstall the server, using the --uninstall flag. Then, I
reinstalled, recreated the shillman user on the server, and logged into the
restarted 'testing' VNC session on the server.
At this point I got a UI pop up fram kerberos telling me that shillman's key had
expired and I needed to login again.
I did, then it said something about changing my password, which I also tried to
do. But then, within a minute or twn, it said I was expired and needed to enter
my password, and then change it, again. This just kept happening until I kinit
shtillman at the commandline prompt, and it had me change my password there.
I suspect a similar effect would be had by having a local IPA client into
which one were to login via gdm, but as I have no such local client, I am unsure.
Version-Release number of selected component (if applicable):
nalin/cailion - could we get this into rhel 5.3 ?
Should be doable. Changing CC from myself to Chris, because this one's already
assigned to me.
Added to 1.0 Release Notes.
This request was evaluated by Red Hat Product Management for
inclusion, but this component is not scheduled to be updated in
the current Red Hat Enterprise Linux release. If you would like
this request to be reviewed for the next minor release, ask your
support representative to set the next rhel-x.y flag to "?".
This bug/component is not included in scope for RHEL-5.11.0 which is the last RHEL5 minor release. This Bugzilla will soon be CLOSED as WONTFIX (at the end of RHEL5.11 development phase (Apr 22, 2014)). Please contact your account manager or support representative in case you need to escalate this bug.
Thank you for submitting this request for inclusion in Red Hat Enterprise Linux 5. We've carefully evaluated the request, but are unable to include it in RHEL5 stream. If the issue is critical for your business, please provide additional business justification through the appropriate support channels (https://access.redhat.com/site/support).