On 11/8/23 15:55, Aaron Enders wrote:
> Hello,
>
> Question: Is there a way to allow users to change their password if the password has already expired?
>
> I've been fighting this issue for months now and havn't found a resolution. My users are able to change their password if it is not expired however once expired even in the Grace login period they are unable to change due to anonomus binds not allowed. Is there an ACI that would apply here? My problem is I use a VPN solution which only allerts the users the password is expiring however they do not have a way to change.
Hi
I am surprised because during grace period the user should be able to
successfully bind and change his password. Being authenticated the ACI
should allow to the user to change his own password.
In access logs you may check if BIND is successful or not. If it is not
then I would suspect grace period to be over or a bug.
best regards
Thierry
>
> Thanks
> Aaron
> _______________________________________________
> 389-users mailing list -- 389-users@lists.fedoraproject.org
> To unsubscribe send an email to 389-users-leave@lists.fedoraproject.org
> Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
> List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
> List Archives: https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproject.org
> Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
_______________________________________________
389-users mailing list -- 389-users@lists.fedoraproject.org
To unsubscribe send an email to 389-users-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproject.org
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
No comments:
Post a Comment