From Fedora Project Wiki

Revision as of 01:45, 7 February 2015 by Adamwill (talk | contribs) (update to say it's associated with server role requirements not release criteria)

Associated release criterion
This test case is associated with the Domain controller role requirements. If that is a Featured server role and you are doing release validation testing, a failure of this test case may be a breach of the Alpha, Beta, or Final Fedora release criteria requiring Featured server roles to meet their functional requirements. If so, please file a bug and nominate it as blocking the appropriate milestone, using the blocker bug nomination page.


Test user password changes with FreeIPA web interface and command line.


  1. Deploy a correctly-configured FreeIPA domain controller. You can follow:
    QA:Testcase_Server_role_deploy with the Domain Controller role to deploy a FreeIPA domain controller on Fedora 28 or earlier
    QA:Testcase_freeipa_trust_server_installation to deploy a FreeIPA domain controller on Fedora 29 or later
  2. Enrol a test system in the domain. There are various ways to do this. You will find several test cases you can follow in the Server release validation test cases, FreeIPA test cases, and Realmd test cases

How to test

  1. Log in to the FreeIPA web UI (use the IPA server's hostname as the URL) as any domain user
  2. Browse to the user's page (if you log in as a non-admin user, this will be the first page you see)
  3. Click 'Reset Password' and change the password
  4. Log out of the web UI
  5. Open a console
  6. Run kinit (user), where (user) is the name of the user account whose password you just changed
  7. Enter the new password
  8. Run ipa user-mod (user) --password, again substituting the user name for (user), and change the password again
  9. Attempt to run kinit again, log in to the web UI again, or log in to the system using the new password

Expected Results

  1. You should encounter no errors when changing the password or running kinit
  2. Authenticating with the new password after each change should succeed