IPA - Unable to reset users passwords when password expiry set to > 9000 days

Solution Verified - Updated -

Issue

  • After changing a password for an IPA user, each time I login tells me to redo it again and again.

    Changing password for user test.
    Current Password: 
    New password: 
    Retype new password: 
    passwd: Authentication token manipulation error
    
  • After resetting ipa password, user getting error "password has expired while getting initial credentials"

    # ipa passwd user
    New Password: 
    Enter New Password again to verify: 
    -----------------------------------------------
    Changed password for "user@EXAMPLE.COM"
    -----------------------------------------------
    
    kinit user
    Password for user@EXAMPLE.COM: 
    Password expired.  You must change it now.
    Enter new password: 
    Enter it again: 
    kinit: Password has expired while getting initial credentials
    

Environment

  • Red Hat Enterprise Linux 6
  • IPA versions 2.2 & 3

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In
Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.