On Sat, Mar 24, 2012 at 09:23:42AM +0100, Holger Levsen wrote: > On Freitag, 23. März 2012, Petter Reinholdtsen wrote: > > Could the problem be that the passwords are too short? Kerberos > > rejects passwords shorter than 6 characters. > > if thats not enforced in gosa, it should be. Providing too short passwords reproduces the problem. GOsa² accepts giving feedback 'ok' (LDAP Manager). Same providing too short pw manually. One more trap: Option minclasses isn't, but should be checked, too. --------------- snip kerberos-kdc-init ------------------------ # Kerberos policy setup kadmin.local -q "addpol -maxlife \"2 days\" -minlength 5 users" kadmin.local -q "addpol -minclasses 2 hosts" --------------------------------------------------------------- Wouldn't it be better to have something like this: kadmin.local -q "addpol -minlength 6 -minclasses 2 users" kadmin.local -q "addpol -minlength 4 -minclasses 2 hosts" Wolfgang
Attachment:
signature.asc
Description: Digital signature