Kerberos for Mac caches password expiration info?

Ken Hornstein kenh at
Mon Mar 29 13:45:24 EST 2004

>Perhaps the user did not carefully read or faithfully report the error 
>message, or perhaps KfM didn't make it clear, but it was indeed due to 
>principal expiration.  Whatever Linux implementation the user tried 
>wasn't reporting that.

You can't completely blame the user.  The problem is that the client-side
code will always call it a "password expiration", not "account expiration".
It's a long story.


More information about the krbdev mailing list