[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

changepw attributes (for use with Windows)

I've realized that the reason that the Windows password-changing
protocol didn't work for me with pass-through login is just that the
kadmin/changepw principal has disallow-forwardable in the attributes
set up by kadmin init -- the request from Windows XP is for a
forwardable one.  I'm surprised others don't have the same problem.

Removing the attribute solves the problem.  Is removing it a bad thing
to do generally?