[tac_plus] Re: user-managed password changes
john heasley
heas at shrubbery.net
Wed Jan 24 16:42:28 UTC 2007
Wed, Jan 24, 2007 at 01:23:35PM +1100, Daniel Rose:
> It's sometimes possible in enterprise environments to change your own
> password by using the password "Changepass" or just enter at the
> password prompt.
>
> The user is then asked to enter their old password and the new one
> twice, and the tacacs database is updated.
>
> How is this done with the tac_plus implementation? Have I missed
> something significant here?
tacacs does not support this natively/internally. it only supports password
expiration.
what could be done, i believe, is to use PAM as the tacacs authentication
method. using pam, the password can expire and begin an interaction with
the user in a new password dialog.
Others have used a web page, which changes either a database that is exported
to tacacs configuration files or that is used via PAM.
cheers.
> --
> Daniel Rose
> Business Systems Support
> National Library of Australia
> ph 6262 1599 -- fx 6273 3648
> _______________________________________________
> tac_plus mailing list
> tac_plus at shrubbery.net
> http://www.shrubbery.net/mailman/listinfo.cgi/tac_plus
More information about the tac_plus
mailing list