confusion in ank.
Nicolas Williams
Nicolas.Williams at sun.com
Mon Apr 23 11:52:36 EDT 2007
On Mon, Apr 23, 2007 at 11:27:22AM -0400, Kevin Coffman wrote:
> I haven't looked at the code, but I think this is probably done on
> purpose and is not a bug. When you create a keytab, you create a new
> random key for the account. There is no password associated with that
> key, and there is no longer a reason for a password expiration.
Password quality policies certainly shouldn't apply to randomly-
generated keys, but that does not mean that there cannot be a key
expiration policy.
More information about the Kerberos
mailing list