$ echo -e "Secret123\nSecret123\n" | ipa user-add tuser --first Test --last User --password $ ipa user-add-principal tuser test@EXAMPLE.ORG $ ipa user-add-principal tuser test\\@example.org@EXAMPLE.ORG $ echo -e "Secret123\nNewSecret123\nNewSecret123\n" | kinit -C test Password for test@EXAMPLE.ORG: kinit: KDC reply did not match expectations while getting initial credentials $ echo -e "Secret123\nNewSecret123\nNewSecret123\n" | kinit -C -E tuser@example.test Password for tuser\@example.test@EXAMPLE.ORG: kinit: KDC reply did not match expectations while getting initial credentials
Metadata Update from @dkupka: - Issue assigned to someone - Issue set to the milestone: FreeIPA 4.5 backlog
@rharwood what do you think about this?
Metadata Update from @rcritten: - Issue close_status updated to: None
I imagine the problem is with kpasswd not turning on -C, not -E?
-C
-E
Otherwise it seems like a reasonable thing to support; did a bug ever get created? If not, and you want this feature, please make one.
Login to comment on this ticket.