Password expiration problem

jblaine@kickflop.net jblaine at kickflop.net
Wed Aug 12 11:01:31 EDT 2009


I'm confused about password expiration.  We have users
who are getting their future password expiration date set
to 14 days from the last time they changed it.  What are
we doing wrong?

This is MIT Kerberos 1.6.x

kadmin:  getprinc gut
Principal: gut at FOO.COM
Expiration date: [never]
Last password change: Mon Aug 10 15:25:44 EDT 2009
Password expiration date: Mon Aug 24 15:25:44 EDT 2009
Maximum ticket life: 7 days 00:00:00
Maximum renewable life: 14 days 00:00:00
Last modified: Mon Aug 10 15:25:44 EDT 2009 (kadmind at FOO.COM)
Last successful authentication: [never]
Last failed authentication: [never]
Failed password attempts: 0
Number of keys: 2
Key: vno 7, Triple DES cbc mode with HMAC/sha1, no salt
Key: vno 7, DES cbc mode with CRC-32, no salt
Attributes:
Policy: RCFUsers

kadmin:  getpol RCFUsers
Policy: RCFUsers
Maximum password life: 1209600
Minimum password life: 0
Minimum password length: 6
Minimum number of password character classes: 2
Number of old keys kept: 1
Reference count: 130
kadmin:





More information about the Kerberos mailing list