A thought:
If a user logs in to a laptop, then does a "kinit", can they then do a "kpasswd" to update their password ?
______________________________________________________________________________________________
Daniel E. White
daniel.e.white@nasa.gov
NICS Linux Engineer
NASA Goddard Space Flight Center
8800 Greenbelt Road
Building 14, Room E175
Greenbelt, MD 20771
Office: (301) 286-6919
Mobile: (240) 513-5290
From:
Johan Vermeulen via FreeIPA-users <freeipa-users@lists.fedorahosted.org>
Reply-To: FreeIPA users list <freeipa-users@lists.fedorahosted.org>
Date: Tuesday, December 10, 2019 at 07:56
To: FreeIPA users list <freeipa-users@lists.fedorahosted.org>
Cc: Johan Vermeulen <jameslast29@gmail.com>
Subject: [EXTERNAL] [Freeipa-users] have users reset password
Hello All,
so we have some 200 laptops who are ipa-clients.
At the moment the only way for the users on these laptops to reset their passwords is to wait until the password expires.
Than they get a message on the login screen and they can reset the password.
I would like to have an alternative method.
Have them login to the Freeipa server is the obvious, but here they see too much information, like all the users.
Is there another way to have users reset their passwords?
Many thanks, J.