[Freeipa-users] non-expiring password policy (or as close as I can come)
Sigbjorn Lie
sigbjorn at nixtra.com
Thu Jan 24 23:05:22 UTC 2013
On 01/24/2013 11:17 PM, KodaK wrote:
> On Thu, Jan 24, 2013 at 4:03 PM, Rob Crittenden <rcritten at redhat.com> wrote:
>> It is a 32-bit time problem.
>>
>> I'd set the maxlife no higher than 5000 for now.
>
> Thanks. Is there a way to apply this policy retroactively without
> requiring my users to reset passwords?
>
A calender will be shown to choose a date and time for simplicity if you
download and use the Apache Directory Studio
(http://directory.apache.org/studio/) to edit the krbPasswordExpiration
attribute for an user account. It works well.
Regards,
Siggi
More information about the Freeipa-users
mailing list