What is the correct function to use to retrieve principal information without having to obtain a handle through an administrator login? Maybe it's easier to explain by telling what I want to accomplish. We authenticate users on a web page using krb5_get_init_creds_password. I want to display things like how long until the users password expires after they authenticate, and the only information I have to do so is the username and password of the user/principal.
If I use kadm5_get_principal, can I get the handle for it with the principal I'm getting the information on by using the PWCHANGE_SERVICE flag instead of KADM5_ADMIN_SERVICE like so? kadm5_init_with_password(auser, apass, KADM5__PWCHANGE_SERVICE, NULL, KADM5_STRUCT_VERSION, KADM5_API_VERSION_2, &kadm5_handle); Chris ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
