all which would explain the behavior. I assume
pam_sss.so is listed in common-auth. Did you add it on your own to common-auth
or was it added by a system utility e.g. pam-auth-update?
bye,
Sumit
>
> Best regards,
> C. L. Martinez
>
> ___
To: FreeIPA users list
Cc: Carlos Lopez
Subject: Re: [Freeipa-users] Password expired is not requested with Ubuntu
clients
Am Fri, Apr 19, 2024 at 08:56:36AM +0000 schrieb Carlos Lopez via FreeIPA-users:
> Good morning,
>
> I have configured some Ubuntu clientes to authenticate via Kerberos
Good morning,
I have configured some Ubuntu clientes to authenticate via Kerberos against my
RHEL9 IdM server. Everything works correctly: clients are authenticated, etc.
The problem comes when a user's password has expired. In the IdM server logs it
is clear that the user must change the passw
Срд, 24 сту 2024, Carlos Lopez via FreeIPA-users wrote:
>Hi all,
>
>I need to integrate authentication and role access for a few users
>between Amazon Cognito and FreeIPA/IdM. The idea is that the user logs
>in with Cognito but the access validation, password changes, roles,
>
Hi all,
I need to integrate authentication and role access for a few users between
Amazon Cognito and FreeIPA/IdM. The idea is that the user logs in with Cognito
but the access validation, password changes, roles, etc. are hosted in FreeIPA.
The resources where users login are outside of Amazon
certificates with keys associated in
FreeIPA
Jernej Jakob via FreeIPA-users wrote:
> On Wed, 26 Jul 2023 11:10:23 +
> Carlos Lopez via FreeIPA-users
> wrote:
>
>> Hi all,
>>
>> Sorry to disturb but I can not find which is the correct procedure to
>> accomplis
Hi all,
Sorry to disturb but I can not find which is the correct procedure to
accomplish this. I have created a certificate in WebUI and I can export
certificate in pem format, which it is what I need. But I need the private key
also. This certificate is for a host outside of Kerberos and LDAP