> On Tue, Feb 19, 2013 at 03:29:03PM -0700, [email protected] wrote: >> >> >> ? >> ? >> Actually >> i'd like to take that back now, it works fine when running kpasswd, but >> if >> user password is expired when SSH to client, during the reset it only >> tried UDP same if issuing passwd command as well. > > > Both use sssd here which in theory should behave as kpasswd. Can you run > sssd with a high debug level, run the passwd command again and send > logs? If you prefer you can send them as PM to me. Most interesting > would be krb5_child.log but the others miht be useful as well. > > bye, > Sumit >> _______________________________________________ >> Freeipa-users mailing list >> [email protected] >> https://www.redhat.com/mailman/listinfo/freeipa-users > > � I found my issue by disabled SELinux on the client, also did a search and found this bug related to my issue exactly: � https://bugzilla.redhat.com/show_bug.cgi?id=889251 � The selinux-policy in CentOS 6 is not the same as the current�selinux-policy-3.7.19-190.el6 in RHEL 6, CentOS 6 is using�selinux-policy-3.7.19-155.el6 � Thank you for everyone's help, reviewing the krb5_child.log led me to search SELinux audit log which turned up the problem while looking for denied messages.
_______________________________________________ Freeipa-users mailing list [email protected] https://www.redhat.com/mailman/listinfo/freeipa-users
