[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Password history

To: heimdal-discuss@sics.se
Subject: Password history
From: "James F. Hranicky" <jfh@cise.ufl.edu>
Date: Thu, 31 Mar 2005 16:16:17 -0500
Organization: University of Florida CISE Department
Sender: owner-heimdal-discuss@sics.se

Currently, if samba is using an LDAP backend, it has the ability to
keep a password history using the sambaPasswordHistory LDAP attribute.
I'm wondering if Heimdal could use this as well.

Samba keeps track of the number of kept passwords in a
samba tdb file. Heimdal could use a flag in kdc.conf to do the same,
though ideally that info could be kept in LDAP as well, but that may
require coordination with the samba team.

Also, the issue I raised before comes into play: if any of the LDAP
entries also have kerberos LDAP attributes, this wouldn't work -- at
the very least, another field would be required, unless this 
functionality were put into smbk5pwd .

Is there any interest getting this functionality into Heimdal?

----------------------------------------------------------------------
| Jim Hranicky, Senior SysAdmin                   UF/CISE Department |
| E314D CSE Building                            Phone (352) 392-1499 |
| jfh@cise.ufl.edu                      http://www.cise.ufl.edu/~jfh |
----------------------------------------------------------------------

Next by Date: Login from windows client fails with pre-auth enabled
Next by thread: Login from windows client fails with pre-auth enabled
Index(es):
- Date
- Thread