It looks like I've run into a problem. I can't be sure if this is a software bug or a designed feature with OpenSSH. I am currently running OpenSSH_4.2p1, OpenSSL 0.9.7i 14 Oct 2005. We have an OpenLDAP backend for user authentication and everything is working. The problem is this.. I need to require my users to change their password on initial login to the system. I have attempted to use passwd with the -e flag and that fails saying: >-root-> passwd -e testuser Authentication failure. LDAP information update failed: Operations error Error while changing password expiry information. Now, if I use the chage function with the -M flag it seems to work. >-root-> chage -M 0 -D "cn=administrator,dc=motogroup,dc=com" testuser Enter LDAP Password: Aging information changed. When I attempt to login I get this: login as: testuser Using keyboard-interactive authentication. Password: You are required to change your LDAP password immediately. Last login: Mon Nov 28 09:03:49 2005 from rbecker.motogroup.com >-linuxadm03:intel(/dev/pts/0):/home/testuser >-testuser-> It never forces me to change my password. Nothing in the logs say there are any problems, files not found or errors. Does anyone have any idea why OpenSSH isn't calling the passwd application when the users password is expired? Thanks for your help. Rob Becker ********************************************************************** The information contained in this message is confidential and is intended for the addressee(s) only. If you have received this message in error or there are any problems please notify the originator immediately. The unauthorized use, disclosure, copying or alteration of this message is strictly forbidden. Motorists Insurance Group will not be liable for direct, special, indirect or consequential damages arising from the alteration of the contents of this message by a third party or as a result of any virus being passed on. **********************************************************************
