using REQUIRES_PWCHANGE kinit reports expired passwords
Eduardo A Muñoz
eagmunoz at gmail.com
Thu Oct 2 03:28:05 EDT 2008
Hi,
Im working with ubuntu 7.10 clients authenticating against kerberos. The
issue arises when I a set the REQUIRES_PWCHANGE attribute to a user key so
that in next login they are required to change the password. Some machines (
not all ) can't authenticate when the mentioned attribute is set , they
report
"kinit(v5): Password has expired while getting initial credentials"
(Of course my password expiration time haven't been reached and it reports
the same working with policies or without it)
if I a unset the attribute, i can obtain the tickets. Like i said this
behavior is present in some machines , others can get tickets with the
attribute set or unset with the same principals.
More information about the Kerberos
mailing list