Dear all,
I successfully installed
FreeIPA this morning. Now I got a problem about Kerberos Authentication. New user cannot modify their password in shell.
I added a new user named haha(group: ipauser) based on the webUI. This user is not a existed system user. Then I added a new Delegations(allow people in group ipauser can modify password for group ipauser) .
Code:
[michael@freeipa Desktop]$ su - haha
Password:
Warning: Your password will expire in less than one hour.
Warning: password has expired.
Kerberos 5 Password:
Warning: Your password will expire in less than one hour.
New UNIX password:
Retype new UNIX password:
su: incorrect password
[michael@freeipa Desktop]$ su - root
Password:
[root@freeipa ~]# su - haha
su: warning: cannot change directory to /home/haha: No such file or directory
-sh-3.2$
Root can su - haha successfully. I think that means the Kerberos works, but new user cannot reset their password in their shell.
What should I do?
Best Regards,
Michael