Firewall issue? Maybe do a tcpdump on one of the machines while trying this?
On Feb 16, 2012, at 10:10 PM, Kelvin Edmison wrote: > Hi all, > > I am trying to roll out ipa as our central authentication system, and am > running into problems with password changes on CentOS 5. > > Scenario: > Admin user resets a user's password. > The user, on a non-IPA-managed system, logs into a CentOS 5 server > (IPA-managed) via ssh. The temporary password is accepted and the user is > immediately prompted to change the password, but the password change fails > with the message 'System is offline, password change not possible'. > > $ ssh kelvin@testhost > kelvin@testhost's password: > Warning: Your password will expire in less than one hour. > Password expired. Change your password now. > Last login: Thu Feb 16 21:54:59 2012 from vpn > WARNING: Your password has expired. > You must change your password now and login again! > Changing password for user kelvin. > Current Password: > New UNIX password: > Retype new UNIX password: > System is offline, password change not possible > Warning: Your password will expire in less than one hour. > Warning: Your password will expire in less than one hour. > passwd: Authentication token manipulation error > Connection to testhost closed. > > What am I missing? Can someone please help me get this working? > > Thanks, > Kelvin > > _______________________________________________ > Freeipa-users mailing list > [email protected] > https://www.redhat.com/mailman/listinfo/freeipa-users _______________________________________________ Freeipa-users mailing list [email protected] https://www.redhat.com/mailman/listinfo/freeipa-users
