[389-users] flag "user must change password at next logon" remains active after PassSync
Rich Megginson
rmeggins at redhat.com
Wed May 20 13:12:25 UTC 2015
On 05/20/2015 05:28 AM, Mihai Carabas wrote:
> Hello,
>
> We've setup an 389 Directory Server on a Fedora21 and configured
> synchronization with an Active Directory (running on an Windows2012R2
> Datacenter). We've managed to synchronize all the accounts from the
> 389DS to AD (about 44000). All the accounts have the "user must change
> password at next logon" in the AD, even if the users change their
> passwords on the 389DS, The password gets to the AD, but the flag for
> "user must change password at next logon" still remains active
> (basically forces the user to change their password on the Active
> Directory). Is there any workaround for this?
389 winsync does not sync password policy related attributes. You will
need to handle this offline, using scripts.
>
> The attribute passwordMustChange in the 389DS is set to Off.
>
> Thank you,
> Mihai Carabas
> University POLITEHNICA of Bucharest
>
>
> --
> 389 users mailing list
> 389-users at lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/389-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/389-users/attachments/20150520/3676dd1e/attachment.html>
More information about the 389-users
mailing list