IPA requires users to change their passwords immediately
I am using IPA for authentication of RHEV-M.
I find that when I create a user account with
ipa useradd <username>
the user has to change their password before they can log in to the User Portal.
I am not using IPA for anything other than authenticating RHEV-M. If someone can recommend a way for users to change their passwords, that would be really helpful.
One way that I have found for a user to change their password is for the user to ssh into the IPA server. Then, after they enter their initial password, the user can change their password. However, a web app for changing the password would be much better.
Responses
This isn't related to RHEV it's an IPA policy, when you first setup a user in IPA the password is set to expired [1]
You'd need to change the password as the user. I seem to remember you could change the policy in IPA but I'd have to check the docs.
Red Hat
Guru
4649 points
Please also take a look at the below thread:
https://access.redhat.com/discussion/work-around-cannot-login-user-password-has-expired-please-change-your-password-rhevm-user
You can either use "kinit" or "kpasswd" to change the password.
Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.