I tried to search through the list but did not find what I was looking
I am testing 389-ds installation and password policies implementation.
I installed it both on Ubuntu 12.04 Server and on CentOS 6.3. Still in
the beginning as I am stuck finding why the Ubuntu client does not
honor server's password policies.
The install is pretty basic, I ran setup-ds-admin.pl
;, followed by the default options and got a
LDAP server running. Then from the console (not too comfortable with
the commands in this case), enabled Fine-Grained password policy for
the whole tree and ticked "User must change password after reset". All
good for now. And here is the trick:
On CentOS, I just ran authconfig-tui and enabled LDAP Client
Authentication. Then "su - test_ldap" was successful and I got a
message, stating "You are required to change your LDAP password
But, I cannot make Ubuntu client to do the same. The best I can do
with it is to login to the server. It does not honor the password
policies - no notifications for the users, login successful after
password expired, etc.
The Ubuntu client is 12.04 and I strictly followed their community
wiki to set up PAM and be able to login. Btw, "getent passwd" and
works just fine, I can bind to the server, but no password policies.
How I can fix this?
Any advice will be greatly appreciated!