SSSD / sssd

A daemon to manage identity, authentication and authorization for centrally-managed systems.
https://sssd.io
GNU General Public License v3.0

Confusing "Password expired" message #6905

Open gentoo9ball opened 11 months ago

gentoo9ball commented 11 months ago

I am using lightdm-gtk-greeter/lightdm/sssd with IPA to authenticate users to my network. Upon account creation or password expiration, users are required to change their passwords at login. They are repeatedly getting confused by this response message: "Password expired. Change your password now."

This is the order of the prompts:

  1. Standard user/password login prompt
  2. "Password expired. Change your password now." <-- PROBLEM: They do not know to type in their expired password again here
  3. New Password
  4. Retype New Password
  5. Success - User Logged in, password updated, expiration reset

Would it be possible to amend this message with better instructions? I do not know if this applies to other authentication platforms, hence I have not changed it myself.

https://github.com/SSSD/sssd/blob/15a22136e19f192c03758c21fa8e48697fa16857/src/sss_client/pam_sss.c#L3103C65-L3103C65

bob-sixgen commented 2 months ago

Bump

sumit-bose commented 2 months ago

Hi,

while it would be possible to change the text, or even better make it configurable in the [prompting/...] section, I would like to point out that SSSD's PAM module pam_sss.so is already sending a proper prompt for the current password. E.g. ssh:

```
# ssh -l newuser localhost
(newuser@localhost) Password: 
(newuser@localhost) Password expired. Change your password now.
Current Password: 
(newuser@localhost) New password: 
(newuser@localhost) Retype new password:
```

or gdm (image)

So I wonder if it wouldn't be better to ask the lightdm team to use the prompts they get from the PAM modules?

bye, Sumit
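The suggestion in the last comment, sketched as an added example (not code from this thread, SSSD or lightdm): a PAM conversation callback that displays every message with the text the module sent, so the "Current Password: " prompt appears right after the expiry notice. `struct ui`, `greeter_conv` and `replay_expired_login` are hypothetical names, the PAM types are mirrored locally so the file builds without libpam headers, and the message sequence is constructed from the ssh session above on the assumption of one conversation call per message.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
/* Local mirror of the Linux-PAM types and values (normally from <security/pam_appl.h>). */
struct pam_message  { int msg_style; const char *msg; };
struct pam_response { char *resp; int resp_retcode; };
enum { PAM_SUCCESS = 0, PAM_CONV_ERR = 19, PAM_PROMPT_ECHO_OFF = 1,
       PAM_PROMPT_ECHO_ON = 2, PAM_ERROR_MSG = 3, PAM_TEXT_INFO = 4 };
struct ui { char shown[512]; const char **answers; int next; };  /* hypothetical greeter state */
/* Conversation callback: render every message in order, using the module's own text. */
int greeter_conv(int n, const struct pam_message **msg, struct pam_response **resp, void *data)
{
    struct ui *ui = data;
    struct pam_response *r = n > 0 ? calloc((size_t)n, sizeof *r) : NULL;
    if (r == NULL) return PAM_CONV_ERR;
    for (int i = 0; i < n; i++) {
        int s = msg[i]->msg_style;
        const char *kind = s == PAM_TEXT_INFO ? "info" : s == PAM_ERROR_MSG ? "error" :
            s == PAM_PROMPT_ECHO_OFF ? "masked" : s == PAM_PROMPT_ECHO_ON ? "visible" : NULL;
        if (kind == NULL) goto fail;                      /* unknown message style */
        size_t used = strlen(ui->shown);
        snprintf(ui->shown + used, sizeof ui->shown - used, "[%s] %s\n", kind, msg[i]->msg);
        if (s == PAM_TEXT_INFO || s == PAM_ERROR_MSG) continue;   /* display only, no reply */
        const char *a = ui->answers[ui->next++];          /* reply to the prompt just shown */
        if ((r[i].resp = malloc(strlen(a) + 1)) == NULL) goto fail;
        strcpy(r[i].resp, a);
    }
    *resp = r;
    return PAM_SUCCESS;
fail:
    for (int i = 0; i < n; i++) free(r[i].resp);
    free(r);
    return PAM_CONV_ERR;
}

/* Replays the module messages of the ssh session above, one call each (constructed). */
int replay_expired_login(struct ui *ui)
{
    static const struct pam_message seq[] = { { PAM_PROMPT_ECHO_OFF, "Password: " },
        { PAM_TEXT_INFO, "Password expired. Change your password now." },
        { PAM_PROMPT_ECHO_OFF, "Current Password: " }, { PAM_PROMPT_ECHO_OFF, "New password: " },
        { PAM_PROMPT_ECHO_OFF, "Retype new password: " } };
    for (size_t i = 0; i < sizeof seq / sizeof *seq; i++) {
        const struct pam_message *m = &seq[i];
        struct pam_response *r = NULL;
        if (greeter_conv(1, &m, &r, ui) != PAM_SUCCESS) return -1;
        free(r->resp); free(r);
    }
    return ui->next;   /* number of prompts answered */
}
```

Call `replay_expired_login` with a `struct ui` whose `answers` holds four replies; `shown` then contains the transcript a user would see, one tagged line per message.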