[Date Prev][Date Next] [Chronological] [Thread] [Top]

(ITS#8317) Problem with "force user to password reset at first login"



Full_Name: Rajagopal
Version: openldap-2.4.39-7.el7_1.x86_64
OS: RHEL7
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (121.242.29.87)


Hi,
I am trying to force users to change their password at first login or after
password reset by administrator.

Tried following:
1)Password policy 'pwdMustChange TRUE' doesn't seems to be working as non of the
users get prompt to change their password at first login.

2) used the 'pwdReset TRUE' attribute in users attributes, and it won't prompt
to change the password and didn't allow to login 
i observe below messages in log

"slapd[12684]: connection restricted to password changing only
slapd[12684]: send_ldap_result: err=50 matched="" text="Operations are
restricted to bind/unbind/abandon/StartTLS/modify password"
slapd[12684]: conn=1053 op=1 SEARCH RESULT tag=101 err=50 nentries=0
text=Operations are restricted to bind/unbind/abandon/StartTLS/modify password"

Please help me configure the option to force all users to change their password
at first login or after pwd reset  by administrator.

Thanks & Regards
Rajagopal