| commit | 3cf370895066c4a03642433436b812229731e095 | |
| author | Arvid Requate <requate@univention.de> | |
| Mon, 4 Mar 2013 16:02:38 +0000 (4 17:02 +0100) | ||
| committer | Love Hornquist Astrand <lha@h5l.org> | |
| Mon, 4 Mar 2013 17:47:46 +0000 (4 09:47 -0800) | ||
| tree | a323c7888424338cc9b868d7eba7245645cbcc27 | treesnapshot (tar.gz zip) |
| parent | 66f4c441e9e0de68fbcf81763642779ac5c33631 | commitdiff |
honour krb5PasswordEnd also if sambaPwdLastSet
Commit 9f696b11c2d09869f8aaeabb4450964b462e979f changed the
behaviour of key expiry for principals that have an sambaPwdLastSet
attribute in LDAP. The change was twofold:
* if "password_lifetime" is not set in kdc.conf a default lifetime
of 1 year is enforced
* krb5PasswordEnd is not honoured.
This patch causes pw_end to be modified only if sambaPwdLastSet
*and* "password_lifetime" is defined in kdc.conf.
Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
Commit 9f696b11c2d09869f8aaeabb4450964b462e979f changed the
behaviour of key expiry for principals that have an sambaPwdLastSet
attribute in LDAP. The change was twofold:
* if "password_lifetime" is not set in kdc.conf a default lifetime
of 1 year is enforced
* krb5PasswordEnd is not honoured.
This patch causes pw_end to be modified only if sambaPwdLastSet
*and* "password_lifetime" is defined in kdc.conf.
Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
| lib/hdb/hdb-ldap.c | diffblobblamehistory |