[16492] in Kerberos-V5-bugs
[krbdev.mit.edu #8882] When doing a kdb5_util load with ldap backend
daemon@ATHENA.MIT.EDU (Machin, Glenn D via RT)
Thu Mar 5 13:52:05 2020
From: "Machin, Glenn D via RT" <rt-comment@KRBDEV-PROD-APP-1.mit.edu>
In-Reply-To: <B58D0C30-4DE6-4CCB-9AFC-FEDB1E66C842@sandia.gov>
Message-ID: <rt-4.4.4-82508-1583434317-776.8882-4-0@mit.edu>
To: "AdminCc of krbdev.mit.edu Ticket #8882":;
Date: Thu, 05 Mar 2020 13:51:58 -0500
MIME-Version: 1.0
Reply-To: rt-comment@KRBDEV-PROD-APP-1.mit.edu
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: krb5-bugs-bounces@mit.edu
Thu Mar 05 13:51:57 2020: Request 8882 was acted upon.
Transaction: Ticket created by GMachin@sandia.gov
Queue: krb5
Subject: When doing a kdb5_util load with ldap backend the password expiration date is not loading
Owner: Nobody
Requestors: GMachin@sandia.gov
Status: new
Ticket <URL: https://krbdev.mit.edu/rt/Ticket/Display.html?id=8882 >
Identified the problem to be not setting KADM5_PW_EXPIRATION in the db entry mask.
krb5-1.17/src/kadmin/dbutil/dump.c
process_k5beta7_princ()
Add KADM5_PW_EXPIRATION to mask:
Change:
dbentry->mask = KADM5_LOAD | KADM5_PRINCIPAL | KADM5_ATTRIBUTES |
KADM5_MAX_LIFE | KADM5_MAX_RLIFE |
KADM5_PRINC_EXPIRE_TIME | KADM5_LAST_SUCCESS |
KADM5_LAST_FAILED | KADM5_FAIL_AUTH_COUNT;
To:
dbentry->mask = KADM5_LOAD | KADM5_PRINCIPAL | KADM5_ATTRIBUTES |
KADM5_MAX_LIFE | KADM5_MAX_RLIFE |
KADM5_PRINC_EXPIRE_TIME | KADM5_LAST_SUCCESS |
KADM5_LAST_FAILED | KADM5_FAIL_AUTH_COUNT | KADM5_PW_EXPIRATION;
_______________________________________________
krb5-bugs mailing list
krb5-bugs@mit.edu
https://mailman.mit.edu/mailman/listinfo/krb5-bugs
