[kdc-schema] Kerberos Password Policy vs LDAP Password Policy
Ludovic Poitou
ludovic.poitou at Sun.COM
Wed Jul 30 06:24:50 EDT 2003
I've done an evaluation of both Kerberos and LDAP password policies,
based on a Sun blueprint (http://www.sun.com/blueprints/1001/krb.pdf,
page 12 "Establishing the Password Policies").
There's nothing in the kerberos password policy that is not supported by
the LDAP password policy.
The only item that differ is the Kerberos "Maximum Password Classes".
The LDAP password policy defines whether the "syntax" is to be checked
but doesn't defines what are the minimal requirement on the password
itself. These requirements are implementation details.
Ludovic
---
Ludovic Poitou
Sun ONE Directory Architect
Sun Microsystems.
More information about the kdc-schema
mailing list