[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Password history

Currently, if samba is using an LDAP backend, it has the ability to
keep a password history using the sambaPasswordHistory LDAP attribute.
I'm wondering if Heimdal could use this as well.

Samba keeps track of the number of kept passwords in a
samba tdb file. Heimdal could use a flag in kdc.conf to do the same,
though ideally that info could be kept in LDAP as well, but that may
require coordination with the samba team.

Also, the issue I raised before comes into play: if any of the LDAP
entries also have kerberos LDAP attributes, this wouldn't work -- at
the very least, another field would be required, unless this 
functionality were put into smbk5pwd .

Is there any interest getting this functionality into Heimdal?

| Jim Hranicky, Senior SysAdmin                   UF/CISE Department |
| E314D CSE Building                            Phone (352) 392-1499 |
| jfh@cise.ufl.edu                      http://www.cise.ufl.edu/~jfh |