Password changed too recently

Russ Allbery rra at stanford.edu
Mon Mar 24 20:33:36 EDT 2008


Jeff Blaine <jblaine at kickflop.net> writes:

> Is there a way to override this restriction?  We can't
> have this in our way.

>  > % /usr/rcf-krb5/bin/kpasswd
>  > Password for joeschmoe at OURHOST.FOO.COM
>  > Enter new password:
>  > Enter it again:
>  > Password change rejected: Password cannot be changed because it was
>  > changed too recently.
>  > Please wait until Mon Mar 31 14:42:25 2008 before you change it.
>  > If you need to change your password before then, contact your system
>  > security administrator.

I'm pretty sure you have to go out of your way to get this behavior and
it's not the default.  Check to see if -minlife was set in your password
policy.  If so, unset that.  (This is assuming that you use MIT Kerberos.)

-- 
Russ Allbery (rra at stanford.edu)             <http://www.eyrie.org/~eagle/>



More information about the Kerberos mailing list