This is in regard to multiple accounts that share the same UID... when you first login to a server the OS is good about going by the username, not UID, in the shadow file to validate their password. However, when one of those accounts has it's password expire and is forced to change it, the operation controlling that does a lookup by UID instead and tries to make the user change the password for the wrong account. That lookup should be done by username as well, not UID.
↧
