Hi, On Fri, Mar 23, 2012 at 08:42:27AM +0100, Samuel Krempp wrote: > As I was playing around in Gosa to try after importing a first batch > of users thourgh a csv file, I may have hit something that makes new > users unable to login. Most important: choose the template before importing the csv file. > I looked at the principals using kadmin and noticed the new users > had 4 keys : > kadmin.local: root@tjener:/etc# echo getprinc tesstu |kadmin.local > Authenticating as principal root/admin@INTERN with password. > kadmin.local: getprinc tesstu > Principal: tesstu@INTERN > Expiration date: [never] > Last password change: Fri Mar 23 08:33:29 CET 2012 > Password expiration date: Thu Feb 16 08:33:29 CET 2034 > Maximum ticket life: 0 days 10:00:00 > Maximum renewable life: 7 days 00:00:00 > Last modified: Fri Mar 23 08:33:29 CET 2012 (root/admin@INTERN) > Last successful authentication: [never] > Last failed authentication: [never] > Failed password attempts: 0 > Number of keys: 4 > Key: vno 1, AES-256 CTS mode with 96-bit SHA-1 HMAC, Version 5 > Key: vno 1, ArcFour with HMAC/md5, Version 5 > Key: vno 1, Triple DES cbc mode with HMAC/sha1, Version 5 > Key: vno 1, DES cbc mode with CRC-32, Version 5 > MKey: vno 1 > Attributes: REQUIRES_PRE_AUTH > Policy: users > > instead of 8 vno2 keys for the old users. > > Is this the issue, and then how can it be corrected ? If it was just testing a few: change their passwords using GOsa². This should create the four missing keys. Otherwise delete all imported user accounts and do it again. > AFAICT, the only mysterious button I've hit in Gosa is > "Actions/Apply template" while in the Users view. Is that what > changed the settings ? Yes, that most probably did it. See above: Never click import before having chosen the template. AFAIC this is described in the manual, too. Wolfgang
Attachment:
signature.asc
Description: Digital signature