krb5 API
Mike Reinertsen
mike.reinertsen at nyfix.com
Mon Jul 29 14:14:33 EDT 2002
I have looked at that code and it is not clear to me how it works. I tried
to emulate it, but I'm calling krb5_get_in_tkt_with_password() and
as_reply->enc_part2->key_exp is nil upon return from call. In the code you
refer to, as_reply->enc_part2->key_exp is used to obtain the password
expiration. Perhaps, I need to call krb5_get_init_creds?
Thanks.
-----Original Message-----
From: Nicolas.Williams at ubsw.com [mailto:Nicolas.Williams at ubsw.com]
Sent: Monday, July 29, 2002 12:24 PM
To: mike.reinertsen at nyfix.com; kerberos at mit.edu
Subject: RE: krb5 API
1. Sort of, but yes. I forget the details, but take a look at how the
krb5_get_init_creds_password() API's source does it.
2. No. To access the details of password policies you need to use the
kadm5 API, or, alternatively, you can try to change the user's password
and rely on the error response to include some information about the
password policy.
Nico
--
> -----Original Message-----
> From: Mike Reinertsen [mailto:mike.reinertsen at nyfix.com]
> Sent: Monday, July 29, 2002 12:05 PM
> To: 'kerberos at mit.edu'
> Subject: krb5 API
>
>
> Can one get a password's expiration date using the krb5 API?
> Also, can one
> get at password policies using the krb5 API?
>
> Thanks.
> ________________________________________________
> Kerberos mailing list Kerberos at mit.edu
> http://mailman.mit.edu/mailman/listinfo/kerberos
>
Visit our website at http://www.ubswarburg.com
This message contains confidential information and is intended only
for the individual named. If you are not the named addressee you
should not disseminate, distribute or copy this e-mail. Please
notify the sender immediately by e-mail if you have received this
e-mail by mistake and delete this e-mail from your system.
E-mail transmission cannot be guaranteed to be secure or error-free
as information could be intercepted, corrupted, lost, destroyed,
arrive late or incomplete, or contain viruses. The sender therefore
does not accept liability for any errors or omissions in the contents
of this message which arise as a result of e-mail transmission. If
verification is required please request a hard-copy version. This
message is provided for informational purposes and should not be
construed as a solicitation or offer to buy or sell any securities or
related financial instruments.
More information about the Kerberos
mailing list