On 4/29/07, Ken Hornstein <[EMAIL PROTECTED]> wrote:
>If I recall correctly, our method for handling the salt correctly for
>any enctype now involves having the person set a new password
>when they change their username.
If you're going to do this anyway, and assuming you aren't doing
the right magic to preserve the password history correctly (from what I
remember, that old code in kadmind didn't do that), then why are you
adding the code for rename_principal back into kadmind? It sounds
like you could do everything you are talking about with a delete
and an add.
We started having users set a new password when they change
their username within the last year. We've been putting the
rename code back in for a lot longer. John would have to say
if we do anything with password history, though I think we
don't.
-Tracy
_______________________________________________
OpenAFS-info mailing list
[email protected]
https://lists.openafs.org/mailman/listinfo/openafs-info
