[krbdev.mit.edu #8882] When doing a kdb5_util load with ldap backend the password expiration date is not loading
Machin, Glenn D via RT
rt-comment at KRBDEV-PROD-APP-1.mit.edu
Thu Mar 5 13:51:58 EST 2020
Thu Mar 05 13:51:57 2020: Request 8882 was acted upon.
Transaction: Ticket created by GMachin at sandia.gov
Queue: krb5
Subject: When doing a kdb5_util load with ldap backend the password expiration date is not loading
Owner: Nobody
Requestors: GMachin at sandia.gov
Status: new
Ticket <URL: https://krbdev.mit.edu/rt/Ticket/Display.html?id=8882 >
Identified the problem to be not setting KADM5_PW_EXPIRATION in the db entry mask.
krb5-1.17/src/kadmin/dbutil/dump.c
process_k5beta7_princ()
Add KADM5_PW_EXPIRATION to mask:
Change:
dbentry->mask = KADM5_LOAD | KADM5_PRINCIPAL | KADM5_ATTRIBUTES |
KADM5_MAX_LIFE | KADM5_MAX_RLIFE |
KADM5_PRINC_EXPIRE_TIME | KADM5_LAST_SUCCESS |
KADM5_LAST_FAILED | KADM5_FAIL_AUTH_COUNT;
To:
dbentry->mask = KADM5_LOAD | KADM5_PRINCIPAL | KADM5_ATTRIBUTES |
KADM5_MAX_LIFE | KADM5_MAX_RLIFE |
KADM5_PRINC_EXPIRE_TIME | KADM5_LAST_SUCCESS |
KADM5_LAST_FAILED | KADM5_FAIL_AUTH_COUNT | KADM5_PW_EXPIRATION;
More information about the krb5-bugs
mailing list