On pe, 18 marras 2016, Brian Candler wrote:
Looking at FreeIPA 4.2 under CentOS 7: I find that LDAP simple binds
succeed even for DNs whose krbPasswordExpiration time has passed. Is
this fixed, or is it possible to change this?
Not yet. We have a ticket you can look at and read the history of
Looking at FreeIPA 4.2 under CentOS 7: I find that LDAP simple binds
succeed even for DNs whose krbPasswordExpiration time has passed. Is
this fixed, or is it possible to change this?
The reason I ask is because some applications use LDAP bind as a
password validation oracle: for example, if