Kerberos for Mac caches password expiration info?

Matt Crawford crawdad at
Sat Mar 27 11:25:58 EST 2004

On Mar 26, 2004, at 8:55 PM, Alexandra Ellwood wrote:

> Is it possible that the user's Macintosh is talking to a slave KDC 
> which has not yet updated to reflect the password change?  I tried 
> this against a Heimdal 0.6 KDC with the 10.3.3 kpasswd/kinit and was 
> unable to reproduce the behavior you describe.

Slaves are updated every 20 minutes.  This behavior continued for over 
two days.  And the new password always worked.

More information about the krbdev mailing list