Re: Automatically prompt for password change at first login.
Christian Kuelker wrote:
> Dear Klaus,
>
> this is indeed a very nice thing to have!
>
> On 2005 September 6 Tuesday 17:55, Klaus Ade Johnstad wrote:
>
>>This year was my 4th year handing out password to our yearly 180 new
>>pupils at my school. This year, unlike the other years, I did somethin
>>"clever"; making a mandatory change of password via kdm at first login.
....
>>The only drawback to this approach is that it only changes the
>>userPassword (Linux password), not sambaLMPassword or sambaNTPassword,
>>but I don't have any windows-machines anyway.
> May be a wrapper to passwd command?
Nope, that wont work.
But maybe libpam-smbpass could work. See this page about it's use:
http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/pam.html#id2646539
>>
>>Feedback and improvements are very welcome, especially if these changes
>>that I made to slapd.conf and ldap-users.pl are sane, and if it is
>>possible to also get the sambaLMPassword and sambaNTPassword changed
>>this way (I suspect kdepasswd needs to be disciplined to do this).
>>
not kdepasswd, /etc/pam.d/password (or common-password)
> We (in the Faculty of Sociology) had the same problem with the old novel
> server. The paswords where printed and handed out to the students. Then
> we migrate to Linux. As we have windows clients we solved the problem
> different. A webpage was created and accessible via
> https://server.de/application. The applicants filled
> out a form (with address, ... and password) which was feed into the user
> administration. When they confirmd there application (signing a contract),
> the password of the user was set into LDAP (userPassword and Samba)
> with a klick on a button.
> The advantage:
> - fillout the form wherever you are on this planet
> - admins do not have to know the password
> - the admin do not have to type the other user data (adress, mail, ...) the
> users do.
> - the account is activated, if the student proove there status
> - samba and user password are changed
The question then is, which terminal should they log into to get this
private user account ?
I guess we could have used some kiosk mode to do this.
--
Finn-Arne Johansen
faj@bzz.no http://bzz.no/
Leverandør av support på, drift og videreutvikling av Skolelinux-løsninger
Reply to: