Password expiration problem
jblaine@kickflop.net
jblaine at kickflop.net
Wed Aug 12 13:52:31 EDT 2009
Oops. Thanks Tom.
> jblaine at kickflop.net writes:
>
>> I'm confused about password expiration. We have users
>> who are getting their future password expiration date set
>> to 14 days from the last time they changed it. What are
>> we doing wrong?
>>
>> This is MIT Kerberos 1.6.x
>>
>> kadmin: getprinc gut
>> Principal: gut at FOO.COM
>> Expiration date: [never]
>> Last password change: Mon Aug 10 15:25:44 EDT 2009
>> Password expiration date: Mon Aug 24 15:25:44 EDT 2009
>> Maximum ticket life: 7 days 00:00:00
>> Maximum renewable life: 14 days 00:00:00
>> Last modified: Mon Aug 10 15:25:44 EDT 2009 (kadmind at FOO.COM)
>> Last successful authentication: [never]
>> Last failed authentication: [never]
>> Failed password attempts: 0
>> Number of keys: 2
>> Key: vno 7, Triple DES cbc mode with HMAC/sha1, no salt
>> Key: vno 7, DES cbc mode with CRC-32, no salt
>> Attributes:
>> Policy: RCFUsers
>>
>> kadmin: getpol RCFUsers
>> Policy: RCFUsers
>> Maximum password life: 1209600
>
> = 60 * 60 * 24 * 14
>
> It looks to me like it's doing exactly as you asked it to, unless I'm
> misunderstanding your question.
>
>> Minimum password life: 0
>> Minimum password length: 6
>> Minimum number of password character classes: 2
>> Number of old keys kept: 1
>> Reference count: 130
>
>
More information about the Kerberos
mailing list