[krbdev.mit.edu #7535] SVN Commit
Greg Hudson via RT
rt-comment at krbdev.mit.edu
Wed Jan 9 15:41:47 EST 2013
Stop loading policy for pw_expiration in LDAP
populate_krb5_db_entry() performs a subsidiary LDAP search to load the
password policy, which it uses to update the pw_expiration field.
This has some minimal value (it causes pw_expiration values in
principals to auto-update whenever the pw_max_life field of a policy
changes), but it's complicated, expensive, and inconsistent with the
DB2 back end. Get rid of it.
https://github.com/krb5/krb5/commit/090f561c631db7e4970b71cbe1426d636c39c77a
Author: Greg Hudson <ghudson at mit.edu>
Commit: 090f561c631db7e4970b71cbe1426d636c39c77a
Branch: master
src/plugins/kdb/ldap/libkdb_ldap/ldap_misc.c | 24 ------------------------
1 files changed, 0 insertions(+), 24 deletions(-)
More information about the krb5-bugs
mailing list