Re: [Freeipa-devel] [PATCH] 810 fix re-enrolling a host with a OTP

Martin Kosek wrote: On Fri, 2011-07-01 at 11:40 -0400, Rob Crittenden wrote: Rob Crittenden wrote: Rob Crittenden wrote: Don't set krbLastPwdChange when setting a host OTP password. We have no visibility into whether an entry has a keytab or not so krbLastPwdChange is used as a rough guide.

Re: [Freeipa-devel] [PATCH] 810 fix re-enrolling a host with a OTP

On Fri, 2011-07-01 at 11:40 -0400, Rob Crittenden wrote: > Rob Crittenden wrote: > > Rob Crittenden wrote: > >> Don't set krbLastPwdChange when setting a host OTP password. > >> > >> We have no visibility into whether an entry has a keytab or not so > >> krbLastPwdChange is used as a rough guide. >

Re: [Freeipa-devel] [PATCH] 810 fix re-enrolling a host with a OTP

Rob Crittenden wrote: Rob Crittenden wrote: Don't set krbLastPwdChange when setting a host OTP password. We have no visibility into whether an entry has a keytab or not so krbLastPwdChange is used as a rough guide. If this value exists during enrollment then it fails because the host is consid

Re: [Freeipa-devel] [PATCH] 810 fix re-enrolling a host with a OTP

Rob Crittenden wrote: Don't set krbLastPwdChange when setting a host OTP password. We have no visibility into whether an entry has a keytab or not so krbLastPwdChange is used as a rough guide. If this value exists during enrollment then it fails because the host is considered already joined. Th

[Freeipa-devel] [PATCH] 810 fix re-enrolling a host with a OTP

Don't set krbLastPwdChange when setting a host OTP password. We have no visibility into whether an entry has a keytab or not so krbLastPwdChange is used as a rough guide. If this value exists during enrollment then it fails because the host is considered already joined. This was getting set w