hi all, >> My questions: >> 1. Is this an expected behavior? >> 2. Is this happening because of '-randkey'? (since not specifying -randkey >> gave proper Password expiration date.)
>It probably is happening because of -randkey, although I think that's a >bug. If Russ thinks that it's a bug, can somebody please tell me that what should be the correct behavior? and Where can I get this(in RFC...I guess???) >-randkey is implemented under the hood by creating a disabled account with >a fixed password, changing its password to a random password, and then >enabling the account. I bet that the password expiration is applied to >the initial account creation and then cleared immediately by the password >change to the random password. >(This is why, when you create an account with -randkey, it immediately >ends up with a kvno of 2 instead of 1.) Is it okey to for a random key principal to have a kvno 2 for nothing?(or is there something to do with this?) Russ, thanks for reply. I really appreciete that. Regards, Rathor ________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos
