[3195] in Kerberos-V5-bugs
pending/940: Core dump with AD user with funky password settings
daemon@ATHENA.MIT.EDU (Moore, Mike)
Tue Apr 10 10:37:28 2001
Resent-From: gnats@rt-11.mit.edu (GNATS Management)
Resent-To: gnats-admin@rt-11.mit.edu
Resent-Reply-To: krb5-bugs@MIT.EDU, "Moore, Mike" <mike.moore@dotspot.com>
Message-Id: <D36F9D1560DAD311B86D009027DC78B30766C791@liilexch01.dotspot.com>
Date: Tue, 10 Apr 2001 09:36:42 -0500
From: "Moore, Mike" <mike.moore@dotspot.com>
To: "'krb5-bugs@mit.edu'" <krb5-bugs@mit.edu>
>Number: 940
>Category: pending
>Synopsis: Core dump with AD user with funky password settings
>Confidential: yes
>Severity: serious
>Priority: medium
>Responsible: gnats-admin
>State: open
>Class: sw-bug
>Submitter-Id: unknown
>Arrival-Date: Tue Apr 10 10:37:00 EDT 2001
>Last-Modified:
>Originator:
>Organization:
>Release:
>Environment:
>Description:
>How-To-Repeat:
>Fix:
>Audit-Trail:
>Unformatted:
How you doing?
I just ran into an interesting issue with a kerberos client trying to
authenticate an Active Directory user. The user was an admin in my group
who one day (long ago) was frustrated that his password had expired again
and decided to go in and check "password never expires" for his login.
Yesterday I tried to add his to a kerberos client and was getting a core
dump when trying to kinit his login.
After a little more testing, it seems that simply having a user with
"password never expires" checked works fine. It seems that the seg fault
occurs when the user has both a password that has expired already and has
"password never expires" checked.
Please let me know if this is unclear or if you need more info.
Thanks again for your kickass product.
Mike
630-799-7500 x33832
