disable KADM5_PASS_REUSE error case?

Chris Hecker checker at d6.com
Wed Jun 19 17:15:01 EDT 2013


Is there a way to disable the error case for chpass to the same 
password?  If somebody thinks they've forgotten their password, and I 
send them a change password link and they type the old password in, 
that's fine with me.  I don't see a way to specify this in the policy, 
and the mit kadm5 code seems to always do the check, in my cursory 
examination?

In my case, I can catch that error and just do nothing (assuming if I'm 
on LDAP it means it matches the current password, since there's no 
password history, right?), but it seems like this should be settable in 
the policy?

Chris



More information about the Kerberos mailing list