Hi all, On Mi 21 Mär 2012 07:15:17 CET Giorgio Pioda wrote:
On Tue, Mar 20, 2012 at 10:00:43PM +0100, Petter Reinholdtsen wrote:[Andreas B. Mundt] > Hi, Hi. > Just remove the "-maxlife" option completely. Use something like: > > kadmin.local -q "add_policy -minlength 4 -minclasses 2 user"The default policy I think is 1year, but I'm not sure of it
The intention of placing a -maxlife argument into the policy was for defining the maximum ticket lifetime so the ticket may survive >24h.
Unfortunately, I mixed up the -maxlife option of add_principal (which does exactly the described above) and the -maxlife option of add_policy. The former sets the max life time of the ticket, the latter the max life time of the password.
Arggggg.... Sorry for the inconvenience!!! Mike -- DAS-NETZWERKTEAM mike gabriel, dorfstr. 27, 24245 barmissen fon: +49 (4302) 281418, fax: +49 (4302) 281419 GnuPG Key ID 0xB588399B mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de freeBusy: https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xfb
pgpuQ1uAEgMNe.pgp
Description: Digitale PGP-Unterschrift