Options for enforcing password policies

Edgecombe, Jason jwedgeco at uncc.edu
Wed May 22 09:41:20 EDT 2013

Hi everyone,

What options are available for enforcing password policies for an MIT kerberos realm?

The passwords policies would:
* passwords must be a minimum length
* passwords must contain at least one upper case letter, lowercase letter, number, and a special character.
* passwords may not contain certain characters, like unicode or some ACSII characters
* password must expire every X days and be changed. How would Linux & windows clients handle that?
* the previous X passwords may not be reused.

I'm looking to satisfy most, if not all, of these requirements.

Any guidance is appreciated.


Jason Edgecombe | Linux and Solaris Administrator
UNC Charlotte | The William States Lee College of Engineering
9201 University City Blvd. | Charlotte, NC 28223-0001
Phone: 704-687-1943
jwedgeco at uncc.edu | http://coe.uncc.edu |  Facebook
If you are not the intended recipient of this transmission or a person responsible for delivering it to the intended recipient, any disclosure, copying, distribution, or other use of any of the information in this transmission is strictly prohibited. If you have received this transmission in error, please notify me immediately by reply e-mail or by telephone at 704-687-1943.  Thank you.

More information about the Kerberos mailing list