[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: password expiry and ldap

To: =?utf-8?q?V=C3=A1clav_H=C5=AFla?= <ax@natur.cuni.cz>, heimdal-discuss@sics.se
Subject: Re: password expiry and ldap
From: =?utf-8?q?V=C3=A1clav_H=C5=AFla?= <ax@natur.cuni.cz>
Date: Thu, 21 Sep 2006 20:40:24 +0200
In-Reply-To: <200609201358.12824.ax@natur.cuni.cz>
Organization: CIT
References: <200609201358.12824.ax@natur.cuni.cz>
Reply-To: =?utf-8?q?V=C3=A1clav_H=C5=AFla?= <ax@natur.cuni.cz>
Sender: owner-heimdal-discuss@sics.se
User-Agent: KMail/1.9.3

So, after hours of googling and looking into wrong places, I can reply to my 
own post ;)

Dne Wednesday 20 September 2006 13:58 VÃ¡clav HÅ¯la napsal(a):
> kadmin> mod --pw-expiration-time=2006-08-16 ax
> kadmin: kadm5_modify_principal: Unknown error 36150281

this happens when the account in ldap has both krb5 and samba classes. The 
quick and dirty solution is to disable storing of krb5EncryptionType in 
database

> Can please anybody give me any hint? Is password aging even supposed to
> work in this config?

but the accounts were created with samba flag [X], which means "do not 
expire". It looks like its working well now.

Ax
-- 
VÃ¡clav HÅ¯la,
sprÃ¡vce unixovÃ½ch serverÅ¯
PÅ™ÃrodovÄ›deckÃ¡ fakulta
Univerzita Karlova v Praze

Follow-Ups:
- Re: password expiry and ldap
  - From: Love Hörnquist Åstrand <lha@kth.se>

References:
- password expiry and ldap
  - From: =?utf-8?q?V=C3=A1clav_H=C5=AFla?= <ax@natur.cuni.cz>

Prev by Date: password expiry and ldap
Next by Date: Re: password expiry and ldap
Prev by thread: password expiry and ldap
Next by thread: Re: password expiry and ldap
Index(es):
- Date
- Thread