An error occurred while changing an IdM password - attribute "krbpasswordexpirationkrbpasswordexpiration" not allowed
Issue
-
Getting an error when changing an IdM password - attribute "krbpasswordexpirationkrbpasswordexpiration" not allowed
-
Unable to change the password for a specific IdM account, the GUI gave an
objectclass violation error
and noticed the following in the LDAP error log.
[18/Apr/2023:14:21:44.541377591 +0100] - ERR - oc_check_allowed_sv - Entry "uid=ipauser1,cn=users,cn=accounts,dc=ipa,dc=example,dc=com" -- attribute "krbpasswordexpirationkrbpasswordexpiration" not allowed <----
- Modifying IPA user entry is failing with error below:
[root@ipaserver ~]$ ipa user-mod ipauser1 --password-expiration=20230715081343Z
ipa: ERROR: attribute "krbpasswordexpirationkrbpasswordexpiration" not allowed
Environment
- Red Hat Enterprise Linux 7
- Identity Management (IPA/IdM)
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.