[30328] in Kerberos
using REQUIRES_PWCHANGE kinit reports expired passwords
daemon@ATHENA.MIT.EDU (=?ISO-8859-1?Q?Eduardo_A_Mu=F1oz?=)
Thu Oct 2 03:28:30 2008
Message-ID: <995e303f0810020028x53518f5fm9ebc15f6a3dcd1c5@mail.gmail.com>
Date: Fri, 3 Oct 2008 02:58:05 +1930
From: "=?ISO-8859-1?Q?Eduardo_A_Mu=F1oz?=" <eagmunoz@gmail.com>
To: kerberos@mit.edu
MIME-Version: 1.0
Content-Disposition: inline
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
Hi,
Im working with ubuntu 7.10 clients authenticating against kerberos. The
issue arises when I a set the REQUIRES_PWCHANGE attribute to a user key so
that in next login they are required to change the password. Some machines (
not all ) can't authenticate when the mentioned attribute is set , they
report
"kinit(v5): Password has expired while getting initial credentials"
(Of course my password expiration time haven't been reached and it reports
the same working with policies or without it)
if I a unset the attribute, i can obtain the tickets. Like i said this
behavior is present in some machines , others can get tickets with the
attribute set or unset with the same principals.
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
