Kerberos for Mac caches password expiration info?

[Matt Crawford]

On Mar 26, 2004, at 8:55 PM, Alexandra Ellwood wrote:

> Is it possible that the user's Macintosh is talking to a slave KDC 
> which has not yet updated to reflect the password change?  I tried 
> this against a Heimdal 0.6 KDC with the 10.3.3 kpasswd/kinit and was 
> unable to reproduce the behavior you describe.

Slaves are updated every 20 minutes.  This behavior continued for over 
two days.  And the new password always worked.