[37460] in Kerberos


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: How to expire passwords for Kerberos user accounts

daemon@ATHENA.MIT.EDU (Greg Hudson)
Mon Mar 28 21:51:22 2016

To: "Ramaiah, Vanna G." <ramaiah@musc.edu>,
        "kerberos@mit.edu" <kerberos@mit.edu>
From: Greg Hudson <ghudson@mit.edu>
Message-ID: <56F9DF87.1000902@mit.edu>
Date: Mon, 28 Mar 2016 21:51:03 -0400
MIME-Version: 1.0
In-Reply-To: <AE3FEB1BD25D22479E9F293EBBF869B9F656A076@exg-mb11b.clinlan.local>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu

On 03/28/2016 05:17 PM, Ramaiah, Vanna G. wrote:
> Got it. For the new users, do I have to run  "kadmin: modprinc -expire "180 days" newprinc" or will the pwexpire field be set when the account is created?

As long as you set the policy when you create the new principal
("addprinc -policy userpolicy"), the policy's maximum lifetime will be
applied when the password is first set.
________________________________________________
Kerberos mailing list           Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[37460] in Kerberos

Re: How to expire passwords for Kerberos user accounts

daemon@ATHENA.MIT.EDU (Greg Hudson)Mon Mar 28 21:51:22 2016

daemon@ATHENA.MIT.EDU (Greg Hudson)
Mon Mar 28 21:51:22 2016