Hi Jason, Am 22.05.2013 um 15:41 schrieb "Edgecombe, Jason" <[email protected]>: > What options are available for enforcing password policies for an MIT > kerberos realm?
This is documented here: http://web.mit.edu/kerberos/krb5-devel/doc/admin/admin_commands/kadmin_local.html#add-policy > The passwords policies would: > * passwords must be a minimum length This would be -minlength > * passwords must contain at least one upper case letter, lowercase letter, > number, and a special character. This is similar to -minclasses > * passwords may not contain certain characters, like unicode or some ACSII > characters To my knowledge this is not possible, but I also don't see a reason to limit it. > * password must expire every X days and be changed. How would Linux & windows > clients handle that? This is -maxlife > * the previous X passwords may not be reused. This is -history Best regards -- Dago -- "You don't become great by trying to be great, you become great by wanting to do something, and then doing it so hard that you become great in the process." - xkcd #896 ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
