On Tue, Mar 20, 2012 at 10:47:40PM +0100, Andreas B. Mundt wrote: > On Tue, Mar 20, 2012 at 10:00:43PM +0100, Petter Reinholdtsen wrote: > > [Andreas B. Mundt] > > > > Just remove the "-maxlife" option completely. Use something like: > > > > > > kadmin.local -q "add_policy -minlength 4 -minclasses 2 user" > > > > What is the default value when -maxlife is not used? > > -- > > I use a "default" policy created by: > > kadmin.local -q "add_policy -minlength 4 -minclasses 2 default" >
[..] > So the default seems to be: > > Password expiration date: [none] Yes, in other words the default value seems to be 0. So one could set it back to the default by executing kadmin.local -q "modpol -maxlife 0secs users" New user accounts should then have: Password expiration date: [none] Wolfgang
signature.asc
Description: Digital signature
