kinit always warning about passw expiration
Andreas Hasenack
ahasenack at terra.com.br
Mon Nov 27 12:26:25 EST 2006
When I run MIT's kinit (version 1.4.3 + sec.patch) against a heimdal KDC
(0.7, backend in ldap, no samba attributes), I always get the password
expiration warning:
$ kinit
Password for mary at EXAMPLE.COM:
Warning: Your password will expire in 364 days on Tue Nov 27 15:17:52 2007
$
The KDC has this attribute in this user's entry:
krb5PasswordEnd: 20071127171752Z
If I do the same from heimdal's kinit, I only get the warning if the
expiration time is in 7 days or less, which is my intention.
I suppose there is some incompatibility in the network protocol
between the two implementations?
More information about the Kerberos
mailing list