Skip Menu |
 

Subject: [KFW 3.0 Feature Request] kinit.exe should perform password change operation if password has expired
When KfW kinit.exe switched from using krb5_get_in_tkt_with_password()
to krb5_get_init_creds_password() it lost the automatic attempt to
perform a password change operation when passwords have expired.

This code was not in the kinit.exe sources but within a particular path
of the krb5 library.

In KfM, this functionality is present in the kinit due to the reliance
on the Kerberos Logon Library. This library is not present on Windows
in KfW 2.6. However, it will be for KfW 3.0.

This ticket is to serve as a feature request reminder.

Jeffrey Altman
the requestor discovered the reason that the password change option was
not taking place was due to the lack of specification of the kdc_master
entry in the krb5.ini file.