For existing accounts, I can run "kadmin: modprinc -policy userpolicy oldprinc" Why do I have to run this command "kadmin: modprinc -expire "180 days" oldprinc", if the policy is already applied?
-----Original Message----- From: Greg Hudson [mailto:[email protected]] Sent: Monday, March 28, 2016 5:05 PM To: Ramaiah, Vanna G.; [email protected] Subject: Re: How to expire passwords for Kerberos user accounts On 03/28/2016 05:00 PM, Ramaiah, Vanna G. wrote: > Thank you. How to exclude service accounts from this password expiration? I > guess, If I don't run the command "kadmin: modprinc -policy userpolicy > oldprinc" for service accounts and create a policy with name other than > default, service accounts will remain untouched. Is that correct? Yes, that's correct. ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
