On Mon, Jul 15, 2013 at 7:04 PM, Dmitri Pal <d...@redhat.com> wrote:

> You probably want to remove krbPwdHistory attribute and set
> krbPwdHistoryLength to 0.
> Just so I'm clear:  I only want to do a one-time erase for one user so he
can use a password he was using
earlier.  We changed it for testing and I don't think that should be held
against him. :)

I'm not sure if this disables password history for that user or just clears



The government is going to read our mail anyway, might as well make it
tough for them.  GPG Public key ID:  B6A1A7C6
Freeipa-users mailing list

Reply via email to