Re: Authenticate against AD: Access denied when "User must change password at next logon" is set

Is there a reason winbind and a little krb5 client config

(without using full kerberos) doesn't fit your needs?

That is how we pam authenticate to AD. I'm not sure

about the force password change, but I did have the

passwd command on Linux set up the password on AD

when winbind was in /etc/nsswitch.conf

_______________________________________________
Pam-list mailing list
Pam-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/pam-list

Follow-Ups:
- Re: Authenticate against AD: Access denied when "User must change password at next logon" is set
  - From: Kenneth Holter

References:
- Authenticate against AD: Access denied when "User must change password at next logon" is set
  - From: Kenneth Holter
- Re: Authenticate against AD: Access denied when "User must change password at next logon" is set
  - From: grove
- Re: Authenticate against AD: Access denied when "User must change password at next logon" is set
  - From: Kenneth Holter
- Re: Authenticate against AD: Access denied when "User must change password at next logon" is set
  - From: Rachel Polanskis
- Re: Authenticate against AD: Access denied when "User must change password at next logon" is set
  - From: Kenneth Holter