disable KADM5_PASS_REUSE error case?

Nico Williams nico at cryptonector.com
Thu Jun 20 19:02:12 EDT 2013


Remember, policies are now extensible.  So you could add a bit in the
*policy* that says that it's OK for a user to change the password to
one used previously.  OR, we might extend *principals* to say this.
Chris' use case is for password resets, so setting a flag in the
principal when resetting its password, then resetting that flag upon
password change would suffice.


More information about the Kerberos mailing list