Authenticate against AD: Access denied when "User must change password at next logon" is set
Kenneth Holter
kenneho.ndu at gmail.com
Fri Jul 29 07:26:15 UTC 2011
Well, we have looked into various setups with regards to setting our
linux servers up to use LDAP, and have decided to go for direct AD
integration rather than use for example winbind. This setup limits the
components involved which reduces complexity and reduces the chance of
things failing, and fit our needs well. We're not planning on using
Kerberos.
Kenneth
On Wed, Jul 27, 2011 at 3:10 PM, D G Teed <donald.teed at gmail.com> wrote:
> Is there a reason winbind and a little krb5 client config
> (without using full kerberos) doesn't fit your needs?
> That is how we pam authenticate to AD. I'm not sure
> about the force password change, but I did have the
> passwd command on Linux set up the password on AD
> when winbind was in /etc/nsswitch.conf
>
>
> _______________________________________________
> Pam-list mailing list
> Pam-list at redhat.com
> https://www.redhat.com/mailman/listinfo/pam-list
>
More information about the Pam-list
mailing list