Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

SSSD is unable to handle "User must Change the password at next login" setting in AD if auth_provider = ldap is used #4606

Closed
sssd-bot opened this issue May 2, 2020 · 0 comments
Closed

SSSD is unable to handle "User must Change the password at next login" setting in AD if auth_provider = ldap is used #4606

sssd-bot opened this issue May 2, 2020 · 0 comments
Labels
Bugzilla Closed: Won't fix

Comments

@sssd-bot
Copy link

sssd-bot commented May 2, 2020

Cloned from Pagure issue: https://pagure.io/SSSD/sssd/issue/3582

Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 7): Bug 1513277

Please note that this Bug is private and may not be accessible as it contains confidential Red Hat customer information.

* Description of problem:
SSSD is unable to handle "User must Change the password at next login" setting
in AD if auth_provider = ldap is used

* Version-Release number of selected component (if applicable):
sssd-1.15.2-50.el7_4.6

* How reproducible:
Always

* Steps to Reproduce:
1. Integrate RHEL macine with AD domain using sssd with id_provider = ldap and
auth_provider = ldap
2. For an AD user tick/check "User must Change the password at next login" in
AD
3. Try to login as AD user on RHEL it will fail and won't give you prompt to
reset password

* Actual results:
AD user login fails with:
---
# ssh aduser@localhost
Sat Nov 11 00:25:30 CET 2017
aduser@localhost's password:
Permission denied, please try again.
aduser@localhost's password:
Permission denied, please try again.
aduser@localhost's password:
Ctrl+c
---


Expected results:
AD user login should work and it should force user to change its password with:
---
# ssh aduser@localhost
aduser@localhost's password:   <----- Current Password
Password expired. Change your password now.
Creating home directory for aduser
password has expired.
You must change your password now and login again!
Changing password for user aduser.
Current Password:    <----- Current Password
New password:     <----- New Password
Retype new password:    <----- New Password
passwd: all authentication tokens updated successfully.
Connection to localhost closed.
---

Additional info:
I have already discussed this issue with Jakub and as he stated this has been
never implemented in SSSD and thus filed this bug.

Comments

Comment from jhrozek at 2017-11-21 22:00:49

Metadata Update from @jhrozek:

Comment from jhrozek at 2017-12-07 16:45:48

Metadata Update from @jhrozek:

  • Issue set to the milestone: SSSD Patches welcome

Comment from pbrezina at 2020-03-24 14:15:34

Thank you for taking time to submit this request for SSSD. Unfortunately this issue was not given priority and the team lacks the capacity to work on it at this time.

Given that we are unable to fulfill this request I am closing the issue as wontfix.

If the issue still persist on recent SSSD you can request re-consideration of this decision by reopening this issue. Please provide additional technical details about its importance to you.

Thank you for understanding.

Comment from pbrezina at 2020-03-24 14:15:36

Metadata Update from @pbrezina:

  • Issue close_status updated to: wontfix
  • Issue status updated to: Closed (was: Open)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Bugzilla Closed: Won't fix
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@sssd-bot