I've patched my krb5 libraries and my kdc so that I can notify users of impending password expiration as detailed in these messages:
http://mailman.mit.edu/pipermail/krb5-bugs/2002-February/000012.html http://mailman.mit.edu/pipermail/kerberos/2002-August/001418.html However, it seems that I can only retrieve the information in a few routines, like krb5_get_init_creds_password krb5_get_init_creds for instance. This works fine for kinit, but I plan on using a krb5 PAM module for my initial Kerberos support, and the apps using the module don't always seem to print out this information (xdm+PAM, for instance, though I could hack something in to the PAM_conv routine). Is there another way using the current credentials (avoiding yet another password entry) to get the krb5_kdc_rep reply from the KDC which tells of the impending password expiration? That way I could just run it from the global tcshrc/zshrc . Thanks, ---------------------------------------------------------------------- | Jim Hranicky, Senior SysAdmin UF/CISE Department | | E314D CSE Building Phone (352) 392-1499 | | [EMAIL PROTECTED] http://www.cise.ufl.edu/~jfh | ---------------------------------------------------------------------- ________________________________________________ Kerberos mailing list [EMAIL PROTECTED] https://mailman.mit.edu/mailman/listinfo/kerberos
