Q: How to kill an Open Directory - Password be reset on first user login
Hi all,
I've been running into this issue for quite some time now, however, I've finally grown tired of it. I want to set a password policy, but the option to "reset password on first user login" completely kills OpenDirectory.
Running OS X Server 10.11.3 and 5.0.15, though this has also occurred in Yosemite versions. This particular scenario is a brand new, clean install in a VM. Only OpenDirectory, and proper DNS are enabled. DNS was configured completely by the Server app when setting the host name and checks out good in Terminal.
I've created a few test OpenDirectory users and confirmed I am able to log in with them. I can set any other option in the Password Policy just fine, however, the minute I enable "reset password on first user login", my OpenDirectory is ruined.
I'm unable to add new users, I'm unable to change passwords, the previous password policies I had set no longer work. I.E. user cannot change password when logging in for the first time. Proper password is entered, but login window shakes when attempting to configure the new password.
Error received after the OpenDirectory gets hosed is "Operation is not supported by the directory node." Not only is the directory hosed, but it becomes hella difficult to even remove or disable the service.
Does anyone have any thoughts? I'd really like to enable this function so I'm not creating a temporary password for users, then relying on them to change it themselves.
Thanks,
MacBook Pro, OS X El Capitan (10.11.3), 8GB RAM, SSD, 4GB allotted to VM
Posted on Mar 15, 2016 2:03 PM