[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: password expiry and ldap

To: =?UTF-8?Q?V=C3=A1clav_H=C5=AFla?= <ax@natur.cuni.cz>
Subject: Re: password expiry and ldap
From: Love Hörnquist Åstrand <lha@kth.se>
Date: Fri, 22 Sep 2006 09:54:56 +0200
Cc: heimdal-discuss@sics.se
In-Reply-To: <200609212040.24455.ax@natur.cuni.cz>
References: <200609201358.12824.ax@natur.cuni.cz> <200609212040.24455.ax@natur.cuni.cz>
Sender: owner-heimdal-discuss@sics.se


21 sep 2006 kl. 20.40 skrev VÃ¡clav HÅ¯la:

> So, after hours of googling and looking into wrong places, I can  
> reply to my
> own post ;)
>
> Dne Wednesday 20 September 2006 13:58 VÃ¡clav HÅ¯la napsal(a):
>> kadmin> mod --pw-expiration-time=2006-08-16 ax
>> kadmin: kadm5_modify_principal: Unknown error 36150281
>
> this happens when the account in ldap has both krb5 and samba  
> classes. The
> quick and dirty solution is to disable storing of  
> krb5EncryptionType in
> database

Ok, so I should fix this bug, glad that you found a way to workaround  
it though.

>> Can please anybody give me any hint? Is password aging even  
>> supposed to
>> work in this config?
>
> but the accounts were created with samba flag [X], which means "do not
> expire". It looks like its working well now.

So the interaction between samba accounts and heimdal accounts is  
intresting
to say at least.

Love

Follow-Ups:
- Re: password expiry and ldap
  - From: =?utf-8?q?V=C3=A1clav_H=C5=AFla?= <ax@natur.cuni.cz>

References:
- password expiry and ldap
  - From: =?utf-8?q?V=C3=A1clav_H=C5=AFla?= <ax@natur.cuni.cz>
- Re: password expiry and ldap
  - From: =?utf-8?q?V=C3=A1clav_H=C5=AFla?= <ax@natur.cuni.cz>

Prev by Date: Re: password expiry and ldap
Next by Date: Re: password expiry and ldap
Prev by thread: Re: password expiry and ldap
Next by thread: Re: password expiry and ldap
Index(es):
- Date
- Thread