|
Strange behavior now with our passwords (and we still haven't solved
our problem with the "ipa" command, but at least with script, we
have a workaround): I noticed yesterday morning that my password, which has the following policy, was going to expire in 3 days so I changed it. Max lifetime (days) : 0 Min lifetime (hours) : 0 History size (number of passwords): 0 Character classes: 2 Min length: 8 Max failures: 4 Failure reset interval (seconds): 60 Lockout duration (seconds): 60 The IPA web UI immediately began reporting in red that "Your password expires in -1 days." This morning, I ran "kinit": $ kinit Password for [email protected]: Password expired. You must change it now. Enter new password: Enter it again: Warning: Your password wille xpire in less than one hour on Thu 06 Mar 2014 06:45:48 AM EST $ What's up? I'd like to solve this before it bites any of my users, though most have a policy that looks more like this: Max lifetime (days) : 180 Min lifetime (hours) : 1 History size (number of passwords): 0 Character classes: 2 Min length: 8 Max failures: 6 Failure reset interval (seconds): 60 Lockout duration (seconds): 600 |
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ Freeipa-users mailing list [email protected] https://www.redhat.com/mailman/listinfo/freeipa-users
