Tarantella normally requires a user to supply passwords for both the Tarantella server to which they want to log in, and the application server on which they want to launch an application. Tarantella Administrators can configure what happens when a user supplies an expired password at either stage.
If you want Tarantella to prompt ENS or UNIX users for a new password if they log in to Tarantella with an expired password, you need to ensure that the PAM (Pluggable Authentication Module) interface is installed on your Tarantella servers. This ensures that a user cannot log in to Tarantella with an expired password. If a user attempts this, a dialog box prompts the user for the following:
If the new password is accepted, the user is then logged in to Tarantella.
Note Tarantella does not prompt LDAP users for a new password if they log in to Tarantella with an expired password.
If the PAM interface is not installed, Tarantella
will not be able to support aged passwords. An error message is logged
in install_dir/var/log/pemanagerpid_error.log
on server startup if this is the case.
You can use Array Manager to modify the way that Tarantella deals with expired passwords on all application servers. The Application Launch panel lets you configure what happens when a user tries to launch an application on an application server for which their password has expired. Tarantella can:
The Prompt User option may not work on some application servers. In such circumstances, you must customize the appropriate login script.