I have experienced this for years and just put up with it. However a client of mine now wants to stop this happening to their users. I have scoured the internet but can find no reference to the problem. I tried switching to PAM authentication thinking this might help but it made no difference.
Anyone out there in AIX land know how to fix this please?
hm with local passwd/shadow auth the user remains logged in
but with ldap auth in my case tivoli directory server 6, the user gets disconnected after password change, and has to login again with his new password
I thought this is a normal behaviour, experienced this for three years now
since this must be done once every 3 months, it's no problem for my users
perhaps tell them it's a normal behaviour, I think it is
Many thanks for the feedback. Now this is what I do not understand, there is no trace of LDAP anywhere but it still happens. From my own experience I cannot remember whether LDAP was involved previously or not but as I said in my original post I just accepted it as normal.
So with the password being verified locally why is it still "kicking them out"?
Sorry but what did you mean by "local passwd/shadow auth"?
unfortunately I can't tell you why the users get kicked after password change
perhaps you want to open an IBM software call, and ask if it's normal
passwd/shadow auth is the standard AIX authentication (and many more files are involved)
you have your user data locally on the machine
with ldap, the user data is stored on a ldap server
the advantage: you have your data centralized, it's easy to maintain, and you may use the same user database on all of your machines
you can check this in /etc/security/user,
stanza default
SYSTEM =
if it's LDAP, or "compat/files or LDAP", then you use an ldap-server
Ah sorry I was being ever so slghtly thick! /etc/passwd and /etc/shadow! Got it now. Also thanks for the suggestion /etc/security/user but I am sure it will be set to local etc.
Hey no mistake I have the same problem (AIX, HP-UX, SOLARIS etc.) It did rather confuse me thinking in an AIX way, then the light came on and I realised what you meant!