package: debian-edu.config
version: 1.453
Hi Wolfgang,
thanks for confirming and providing more info.
On Samstag, 24. März 2012, Wolfgang Schweer wrote:
> On Sat, Mar 24, 2012 at 09:23:42AM +0100, Holger Levsen wrote:
> > On Freitag, 23. März 2012, Petter Reinholdtsen wrote:
> > > Could the problem be that the passwords are too short? Kerberos
> > > rejects passwords shorter than 6 characters.
> >
> > if thats not enforced in gosa, it should be.
>
> Providing too short passwords reproduces the problem. GOsa² accepts
> giving feedback 'ok' (LDAP Manager). Same providing too short pw
> manually.
>
> One more trap:
>
> Option minclasses isn't, but should be checked, too.
>
> --------------- snip kerberos-kdc-init ------------------------
> # Kerberos policy setup
> kadmin.local -q "addpol -maxlife \"2 days\" -minlength 5 users"
> kadmin.local -q "addpol -minclasses 2 hosts"
> ---------------------------------------------------------------
>
> Wouldn't it be better to have something like this:
>
> kadmin.local -q "addpol -minlength 6 -minclasses 2 users"
> kadmin.local -q "addpol -minlength 4 -minclasses 2 hosts"
cheers,
Holger
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
