How to expire passwords for Kerberos user accounts
Ramaiah, Vanna G.
ramaiah at musc.edu
Mon Mar 28 17:08:13 EDT 2016
For existing accounts, I can run "kadmin: modprinc -policy userpolicy oldprinc"
Why do I have to run this command "kadmin: modprinc -expire "180 days" oldprinc", if the policy is already applied?
-----Original Message-----
From: Greg Hudson [mailto:ghudson at mit.edu]
Sent: Monday, March 28, 2016 5:05 PM
To: Ramaiah, Vanna G.; kerberos at mit.edu
Subject: Re: How to expire passwords for Kerberos user accounts
On 03/28/2016 05:00 PM, Ramaiah, Vanna G. wrote:
> Thank you. How to exclude service accounts from this password expiration? I guess, If I don't run the command "kadmin: modprinc -policy userpolicy oldprinc" for service accounts and create a policy with name other than default, service accounts will remain untouched. Is that correct?
Yes, that's correct.
More information about the Kerberos
mailing list