SDDM doesn't support expired password prompt (AD account)?

sudo systemctl status sddm
โ— sddm.service - Simple Desktop Display Manager
     Loaded: loaded (/usr/lib/systemd/system/sddm.service; enabled; preset: enabled)
     Active: active (running) since Mon 2024-11-25 09:03:13 EST; 33s ago
       Docs: man:sddm(1)
             man:sddm.conf(5)
    Process: 2327 ExecStartPre=/bin/sh -c [ "$(cat /etc/X11/default-display-manager 2>/dev/null)" = "/usr/bin/sddm" ] (code=exited, status=0/SUCCESS)
   Main PID: 2330 (sddm)
      Tasks: 19 (limit: 18753)
     Memory: 42.8M (peak: 43.3M)
        CPU: 873ms
     CGroup: /system.slice/sddm.service
             โ”œโ”€2330 /usr/bin/sddm
             โ”œโ”€2350 /usr/lib/xorg/Xorg -nolisten tcp -background none -seat seat0 vt2 -auth /run/sddm/xauth_AtAHja -noreset -displayfd 16
             โ””โ”€2492 /usr/lib/x86_64-linux-gnu/sddm/sddm-helper --socket /tmp/sddm-auth-6a0e1b27-ec96-4ead-9583-ed9435b42f8e --id 1 --start /usr/bin/startplasma-x11 --user pyor>

Nov 25 09:03:23 sddm-helper[2492]: pam_sss(sddm:account): User info message: Password expired. Change your password now.
Nov 25 09:03:23 sddm-helper[2492]: [PAM] Preparing to converse...
Nov 25 09:03:23 sddm-helper[2492]: [PAM] Conversation with 1 messages
Nov 25 09:03:23 sddm[2330]: Authentication information: SDDM::Auth::INFO_UNKNOWN "Password expired. Change your password now."
Nov 25 09:03:23 sddm-helper[2492]: pam_unix(sddm:chauthtok): user "pyorgova" does not exist in /etc/passwd
Nov 25 09:03:23 sddm-helper[2492]: [PAM] Preparing to converse...
Nov 25 09:03:23 sddm-helper[2492]: [PAM] Conversation with 1 messages
Nov 25 09:03:30 sddm[2330]: Message received from greeter: Login
Nov 25 09:03:30 sddm[2330]: Reading from "/usr/share/xsessions/plasma.desktop"
Nov 25 09:03:30 sddm[2330]: Existing authentication ongoing, aborting

And I also found an open issue on GitHub

The desktop is running on Kubuntu 24.04, and the account is an Active Directory account

As far as I know this is not implemented.
In the past there was very little review activity in the SDDM repository, so this feature got stuck.

Nowadays at least some KDE people are looking at the repository, so someone would have to give the PR the final push and ideally notify the right KDE people.

I had a quick look at Support for expired passwords and pam message localization (#472) by hoehnth ยท Pull Request #776 ยท sddm/sddm ยท GitHub, I suppose the biggest problem is that the pull request requires lots of changes and nobody is confident enough to approach a change of about 2.2k lines of code touching the sddm core.
And there are probably also still some more basic review items left.

1 Like

Guess Iโ€™m gonna have to switch to LightDM for now

Iโ€™m having trouble trying to integrate LightDM with Plasma 5.27

Any suggestions or user-friendly workaround?