Kerberos for Mac caches password expiration info?

Matt Crawford crawdad at
Mon Mar 29 13:41:23 EST 2004

On Mar 29, 2004, at 11:42 AM, Ken Hornstein wrote:
>> Slaves are updated every 20 minutes.  This behavior continued for over
>> two days.  And the new password always worked.
> I am wondering if perhaps the account (not password) expiration was set
> for this principal?  That will also trigger the password expiration 
> warning
> for some variants of kinit & friends.
> --Ken

"The fault, dear Brutus, is not in our Mac, but in our Linux."

Perhaps the user did not carefully read or faithfully report the error 
message, or perhaps KfM didn't make it clear, but it was indeed due to 
principal expiration.  Whatever Linux implementation the user tried 
wasn't reporting that.

More information about the krbdev mailing list